@twasink
Created January 15, 2019 12:18
Example CloudFormation stack building two public subnets.
---
AWSTemplateFormatVersion: '2010-09-09'
Description: The Public Subnet, and associated routing information
# Metadata: # no metadata
Parameters:
  Environment:
    Type: String
    Description: Stack Environment Prefix.
  PrimaryAvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: us-east-1a # Probably shouldn't set a default, as it makes this template region-dependent
  SecondaryAvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: us-east-1b # Probably shouldn't set a default, as it makes this template region-dependent
# Mappings: # No Mappings at this time.
# Conditions: # No Conditions at this time.
# Transform: # No Transforms at this time.
Resources:
  # We need to create a VPC Gateway, and then attach it to the VPC.
  VPCGateway:
    # Using an Internet Gateway for now; may change to a VPN gateway if needed, but one step at a time.
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "${Environment} VPC Internet Gateway"
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref VPCGateway
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
  # We need a subnet for publicly available servers. We need two, so that we can register
  # a load balancer.
  PublicSubnetAZ1:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.1.0/24 # 10.0.1.0 -> 10.0.1.255
      MapPublicIpOnLaunch: false # We will use elastic IPs for public-facing servers.
      AvailabilityZone: !Ref PrimaryAvailabilityZone
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
      Tags:
        - Key: Name
          Value: !Sub "${Environment} Public Subnet AZ1"
  PublicSubnetAZ2:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 10.0.2.0/24 # 10.0.2.0 -> 10.0.2.255
      MapPublicIpOnLaunch: false # We will use elastic IPs for public-facing servers.
      AvailabilityZone: !Ref SecondaryAvailabilityZone
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
      Tags:
        - Key: Name
          Value: !Sub "${Environment} Public Subnet AZ2"
  # In order for subnets to receive traffic from the public, we need to create
  # routing tables and rules.
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Fn::ImportValue: !Sub "${Environment}::VPC"
      Tags:
        - Key: Name
          Value: !Sub "${Environment} Public Route Table"
  PublicSubnetRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0 # We have no idea what IPs may be assigned; got to go global
      GatewayId: !Ref VPCGateway
    # The route can not be configured until the gateway is attached to the VPC.
    DependsOn: VPCGatewayAttachment
  PublicRouteTableAssociationAZ1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetAZ1
      RouteTableId: !Ref PublicRouteTable
  PublicRouteTableAssociationAZ2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnetAZ2
      RouteTableId: !Ref PublicRouteTable
Outputs:
  PublicSubnetAZ1:
    Description: The publicly accessible subnet in the primary availability zone
    Value: !Ref PublicSubnetAZ1
    Export:
      Name: !Sub "${Environment}::PublicSubnetAZ1"
  PublicSubnetAZ2:
    Description: The publicly accessible subnet in the secondary availability zone
    Value: !Ref PublicSubnetAZ2
    Export:
      Name: !Sub "${Environment}::PublicSubnetAZ2"
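As an added example (not part of the gist), a small policy check in Python over the stack above, written against the template in CloudFormation's JSON form so it runs with only the standard library. It follows the Route -> RouteTable -> SubnetRouteTableAssociation wiring to work out which subnets are internet-facing, and flags the three things the template's own comments call out: hard-coded availability-zone defaults, MapPublicIpOnLaunch on an internet-facing subnet, and a gateway route that does not depend on the gateway attachment.

```python
import json
# Constructed input: the gist's Parameters and Resources in CloudFormation JSON form,
# trimmed to the fields the checks inspect (Tags, VpcId imports and Outputs omitted).
TEMPLATE = json.loads("""{
 "Parameters": {
  "PrimaryAvailabilityZone": {"Type": "AWS::EC2::AvailabilityZone::Name", "Default": "us-east-1a"},
  "SecondaryAvailabilityZone": {"Type": "AWS::EC2::AvailabilityZone::Name", "Default": "us-east-1b"}},
 "Resources": {
  "VPCGateway": {"Type": "AWS::EC2::InternetGateway"},
  "VPCGatewayAttachment": {"Type": "AWS::EC2::VPCGatewayAttachment", "Properties": {"InternetGatewayId": {"Ref": "VPCGateway"}}},
  "PublicSubnetAZ1": {"Type": "AWS::EC2::Subnet", "Properties": {"CidrBlock": "10.0.1.0/24", "MapPublicIpOnLaunch": false}},
  "PublicSubnetAZ2": {"Type": "AWS::EC2::Subnet", "Properties": {"CidrBlock": "10.0.2.0/24", "MapPublicIpOnLaunch": false}},
  "PublicRouteTable": {"Type": "AWS::EC2::RouteTable"},
  "PublicSubnetRoute": {"Type": "AWS::EC2::Route", "DependsOn": "VPCGatewayAttachment", "Properties": {
   "RouteTableId": {"Ref": "PublicRouteTable"}, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": {"Ref": "VPCGateway"}}},
  "PublicRouteTableAssociationAZ1": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {
   "SubnetId": {"Ref": "PublicSubnetAZ1"}, "RouteTableId": {"Ref": "PublicRouteTable"}}},
  "PublicRouteTableAssociationAZ2": {"Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": {
   "SubnetId": {"Ref": "PublicSubnetAZ2"}, "RouteTableId": {"Ref": "PublicRouteTable"}}}}}
""")

def of_type(template, rtype):
    return {n: r for n, r in template["Resources"].items() if r["Type"] == rtype}

def internet_facing_subnets(template):
    """Subnets behind a 0.0.0.0/0 route to an internet gateway (Route -> RouteTable -> Association)."""
    igws = set(of_type(template, "AWS::EC2::InternetGateway"))
    tables = {r["Properties"]["RouteTableId"]["Ref"] for r in of_type(template, "AWS::EC2::Route").values()
              if r["Properties"].get("DestinationCidrBlock") == "0.0.0.0/0"
              and r["Properties"].get("GatewayId", {}).get("Ref") in igws}
    return sorted(a["Properties"]["SubnetId"]["Ref"]
                  for a in of_type(template, "AWS::EC2::SubnetRouteTableAssociation").values()
                  if a["Properties"]["RouteTableId"]["Ref"] in tables)

def findings(template):
    """Policy checks drawn from the gist's own comments; an empty list means the template passes."""
    out = []
    for name, p in template["Parameters"].items():  # hard-coded AZ defaults tie the stack to one region
        if p["Type"] == "AWS::EC2::AvailabilityZone::Name" and "Default" in p:
            out.append(f"{name}: region-specific default {p['Default']}")
    for name in internet_facing_subnets(template):  # public subnets should not auto-assign public IPs
        if template["Resources"][name]["Properties"].get("MapPublicIpOnLaunch", False):
            out.append(f"{name}: internet-facing subnet auto-assigns public IPs")
    attachments = set(of_type(template, "AWS::EC2::VPCGatewayAttachment"))
    for name, r in of_type(template, "AWS::EC2::Route").items():  # an IGW route needs the attachment first
        deps = r.get("DependsOn", [])
        if "GatewayId" in r["Properties"] and not attachments & set([deps] if isinstance(deps, str) else deps):
            out.append(f"{name}: gateway route lacks DependsOn on the gateway attachment")
    return out
```

Run against the stack as written, the only findings are the two availability-zone defaults, which is exactly what the author's comments on those parameters anticipate.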