williamhub/load-balancer.yml

## load-balancer.yml
 PrivateLoadBalancerSG:
  Type: AWS::EC2::SecurityGroup
  Properties:
    GroupDescription: Access to the private facing load balancer
    VpcId: !Ref Vpc
    SecurityGroupIngress:
      - SourceSecurityGroupId: !Ref 'PublicEC2InstanceSecurityGroup' # only accept traffic from public accessible instances in the security group
        IpProtocol: -1
    SecurityGroupEgress:
      - CidrIp: 0.0.0.0/0
        IpProtocol: -1

  PublicLoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: internet-facing
      LoadBalancerAttributes:
        - Key: idle_timeout.timeout_seconds
          Value: "30"
      Subnets:
        - Fn::ImportValue: PublicSubnetA
        - Fn::ImportValue: PublicSubnetB
      SecurityGroups: [!Ref "PublicLoadBalancerSG"]
	PrivateLoadBalancerSG:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: Access to the private facing load balancer
	VpcId: !Ref Vpc
	SecurityGroupIngress:
	- SourceSecurityGroupId: !Ref 'PublicEC2InstanceSecurityGroup' # only accept traffic from public accessible instances in the security group
	IpProtocol: -1
	SecurityGroupEgress:
	- CidrIp: 0.0.0.0/0
	IpProtocol: -1

	PublicLoadBalancer:
	Type: AWS::ElasticLoadBalancingV2::LoadBalancer
	Properties:
	Scheme: internet-facing
	LoadBalancerAttributes:
	- Key: idle_timeout.timeout_seconds
	Value: "30"
	Subnets:
	- Fn::ImportValue: PublicSubnetA
	- Fn::ImportValue: PublicSubnetB
	SecurityGroups: [!Ref "PublicLoadBalancerSG"]