Generic AWS VPC Networking Template
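AWSTemplateFormatVersion: "2010-09-09"
Description: Generic AWS VPC Networking
# Layout: one /16 whose first two octets come from CidrPrefix, split into two
# public /22s (.0.0, .4.0) and two private /22s (.8.0, .12.0), each pair spread
# over the first two AZs of the region. Gateway endpoints for S3 and DynamoDB
# are attached to every route table so that traffic to those services stays
# inside the VPC and, for the private subnets, does not need a NAT Gateway.
# Outbound internet from the private subnets is opt-in (PrivateToInternetAccess)
# because each NAT Gateway carries an hourly and per-GB charge.
# NOTE(review): no VPC Flow Log is defined here; enabling one (it needs a log
# destination and an IAM role, neither of which this template creates) is the
# usual way to get network visibility for detection and incident response.
Parameters:
  PrivateToInternetAccess:
    Type: String
    Description: If true, NAT Gateways and Elastic IPs will be created for the internet access from private subnets.
    AllowedValues:
      - "false"
      - "true"
    Default: "false"
  CidrPrefix:
    Type: String
    Description: Prefix of the network ranges.
    Default: "10.0"
    # The value is spliced into every CidrBlock below as "<prefix>.X.Y/N", so it
    # must be exactly the first two dotted octets; reject anything else at
    # template validation time rather than failing during VPC creation.
    AllowedPattern: '^\d{1,3}\.\d{1,3}$'
    ConstraintDescription: must be the first two octets of an IPv4 address, e.g. 10.0
Conditions:
  # True only when the parameter is the literal string "true".
  PrivateToInternetAccessCondition:
    Fn::Equals:
      - Ref: PrivateToInternetAccess
      - "true"
Resources:
  Vpc:
    Type: AWS::EC2::VPC
    Properties:
      # Both DNS flags are needed for private hostnames and for interface
      # endpoints, should any be added later.
      EnableDnsSupport: true
      EnableDnsHostnames: true
      CidrBlock:
        Fn::Join:
          - ""
          - - Ref: CidrPrefix
            - ".0.0/16"
      Tags:
        - Key: Name
          Value:
            Ref: AWS::StackName
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value:
            Ref: AWS::StackName
  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId:
        Ref: Vpc
      InternetGatewayId:
        Ref: InternetGateway
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - public
  PublicToInternetRoute:
    Type: AWS::EC2::Route
    # A route through an Internet Gateway can only be created once the gateway
    # is attached to the VPC; Ref InternetGateway alone does not order that, so
    # without this dependency stack creation fails intermittently.
    DependsOn: InternetGatewayAttachment
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      RouteTableId:
        Ref: PublicRouteTable
      GatewayId:
        Ref: InternetGateway
  PublicSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock:
        Fn::Join:
          - ""
          - - Ref: CidrPrefix
            - ".0.0/22"
      # Public subnets auto-assign public IPs; instances here are reachable
      # from the internet subject to their security groups.
      MapPublicIpOnLaunch: true
      AvailabilityZone:
        Fn::Select:
          - 0
          - Fn::GetAZs:
              Ref: AWS::Region
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - public
                - "0"
  PublicSubnet0RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: PublicRouteTable
      SubnetId:
        Ref: PublicSubnet0
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock:
        Fn::Join:
          - ""
          - - Ref: CidrPrefix
            - ".4.0/22"
      MapPublicIpOnLaunch: true
      AvailabilityZone:
        Fn::Select:
          - 1
          - Fn::GetAZs:
              Ref: AWS::Region
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - public
                - "1"
  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: PublicRouteTable
      SubnetId:
        Ref: PublicSubnet1
  # Each private subnet gets its own route table so that its default route can
  # point at the NAT Gateway in the same AZ (no cross-AZ NAT traffic).
  PrivateRouteTable0:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - private
                - "0"
  PrivateToInternetRoute0:
    Type: AWS::EC2::Route
    Condition: PrivateToInternetAccessCondition
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      RouteTableId:
        Ref: PrivateRouteTable0
      NatGatewayId:
        Ref: NatGateway0
  PrivateSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock:
        Fn::Join:
          - ""
          - - Ref: CidrPrefix
            - ".8.0/22"
      MapPublicIpOnLaunch: false
      AvailabilityZone:
        Fn::Select:
          - 0
          - Fn::GetAZs:
              Ref: AWS::Region
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - private
                - "0"
  PrivateSubnet0RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: PrivateRouteTable0
      SubnetId:
        Ref: PrivateSubnet0
  ElasticIp0:
    Type: AWS::EC2::EIP
    Condition: PrivateToInternetAccessCondition
    # A VPC-scoped EIP defined in the same template as its VPC must wait for the
    # Internet Gateway attachment; see the note on PublicToInternetRoute.
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc
  NatGateway0:
    Type: AWS::EC2::NatGateway
    Condition: PrivateToInternetAccessCondition
    Properties:
      AllocationId:
        Fn::GetAtt:
          - ElasticIp0
          - AllocationId
      # The NAT Gateway lives in the public subnet of the same AZ as the
      # private subnet it serves.
      SubnetId:
        Ref: PublicSubnet0
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - "0"
  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - private
                - "1"
  PrivateToInternetRoute1:
    Type: AWS::EC2::Route
    Condition: PrivateToInternetAccessCondition
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      RouteTableId:
        Ref: PrivateRouteTable1
      NatGatewayId:
        Ref: NatGateway1
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock:
        Fn::Join:
          - ""
          - - Ref: CidrPrefix
            - ".12.0/22"
      MapPublicIpOnLaunch: false
      AvailabilityZone:
        Fn::Select:
          - 1
          - Fn::GetAZs:
              Ref: AWS::Region
      VpcId:
        Ref: Vpc
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - private
                - "1"
  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: PrivateRouteTable1
      SubnetId:
        Ref: PrivateSubnet1
  ElasticIp1:
    Type: AWS::EC2::EIP
    Condition: PrivateToInternetAccessCondition
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc
  NatGateway1:
    Type: AWS::EC2::NatGateway
    Condition: PrivateToInternetAccessCondition
    Properties:
      AllocationId:
        Fn::GetAtt:
          - ElasticIp1
          - AllocationId
      SubnetId:
        Ref: PublicSubnet1
      Tags:
        - Key: Name
          Value:
            Fn::Join:
              - "-"
              - - Ref: AWS::StackName
                - "1"
  # Gateway endpoints: S3 and DynamoDB traffic is routed privately from every
  # subnet. No PolicyDocument is set, so the endpoint itself allows any
  # principal any action on the service; restrict it here if the VPC should
  # only reach specific buckets or tables.
  VPCEndpointForS3:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      RouteTableIds:
        - Ref: PublicRouteTable
        - Ref: PrivateRouteTable0
        - Ref: PrivateRouteTable1
      VpcId:
        Ref: Vpc
      ServiceName:
        Fn::Join:
          - "."
          - - com
            - amazonaws
            - Ref: AWS::Region
            - s3
  VPCEndpointForDynamoDB:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      RouteTableIds:
        - Ref: PublicRouteTable
        - Ref: PrivateRouteTable0
        - Ref: PrivateRouteTable1
      VpcId:
        Ref: Vpc
      ServiceName:
        Fn::Join:
          - "."
          - - com
            - amazonaws
            - Ref: AWS::Region
            - dynamodb
  # RDS instances created with this group land only in the private subnets.
  DBSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription:
        Ref: AWS::StackName
      SubnetIds:
        - Ref: PrivateSubnet0
        - Ref: PrivateSubnet1
      Tags:
        - Key: Name
          Value:
            Ref: AWS::StackName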