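---
# Two-AZ network foundation: one VPC, two public and two private subnets, an
# Internet Gateway, one NAT Gateway per AZ and the matching route tables.
# Downstream stacks import the IDs exported in Outputs, so the Export names
# (and the resource logical IDs, whose change would replace the resource)
# are this stack's interface and are kept as-is.
#
# Security notes (review):
# - No security groups or network ACLs are defined here; the VPC's default
#   NACL allows all traffic, so every stack that imports these subnets must
#   bring its own security groups / NACLs.
# - Instances launched into the public subnets receive a public IP
#   automatically (MapPublicIpOnLaunch: true) and have a 0.0.0.0/0 route to
#   the Internet Gateway; only place load balancers / bastions there.
# - Private subnets have unrestricted *outbound* Internet access through the
#   NAT gateways (0.0.0.0/0 routes below); add egress filtering in the
#   consuming stacks if it is required.
# - VPC Flow Logs are not enabled by this template; add a flow-log resource
#   (plus the IAM role / log destination it needs) if traffic auditing is
#   required.
AWSTemplateFormatVersion: '2010-09-09'
Description: Bakr Ebrahim Ahmed / Udacity - Project 2

Parameters:
  ProjectName:
    Description: Project Name (used as the Name tag value and as the export-name prefix)
    Type: String
  # All CIDR parameters are validated with AllowedPattern so a typo is rejected
  # at stack validation instead of failing mid-deployment.
  VPCCIDR:
    Description: CIDR block of the VPC
    Type: String
    Default: 10.0.0.0/16
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR block of the form x.x.x.x/x
  PublicSub1CIDR:
    Description: First public subnet in the first Availability Zone
    Type: String
    Default: 10.0.1.0/24
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR block of the form x.x.x.x/x
  PublicSub2CIDR:
    Description: Second public subnet in the second Availability Zone
    Type: String
    Default: 10.0.2.0/24
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR block of the form x.x.x.x/x
  PrivateSub1CIDR:
    Description: First private subnet in the first Availability Zone
    Type: String
    Default: 10.0.3.0/24
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR block of the form x.x.x.x/x
  PrivateSub2CIDR:
    # Was mislabelled "Second public subnet"; this CIDR feeds PrivateSub2.
    Description: Second private subnet in the second Availability Zone
    Type: String
    Default: 10.0.4.0/24
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR block of the form x.x.x.x/x

Resources:
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VPCCIDR
      # DNS support is on by default; stated explicitly because
      # EnableDnsHostnames requires it.
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        # Key is "Name" (capital N): that is the key the AWS console displays;
        # the lowercase "name" used before was invisible there.
        - Key: Name
          Value: !Ref ProjectName

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Ref ProjectName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref MyVPC

  # ---- Subnets -----------------------------------------------------------
  # Public subnets auto-assign public IPs; private subnets never do.
  PublicSub1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      AvailabilityZone: !Select [0, !GetAZs '']
      CidrBlock: !Ref PublicSub1CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Public Subnet First AZ

  PublicSub2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      AvailabilityZone: !Select [1, !GetAZs '']
      CidrBlock: !Ref PublicSub2CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Public Subnet Second AZ

  PrivateSub1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      AvailabilityZone: !Select [0, !GetAZs '']
      CidrBlock: !Ref PrivateSub1CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Private Subnet First AZ

  PrivateSub2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      AvailabilityZone: !Select [1, !GetAZs '']
      CidrBlock: !Ref PrivateSub2CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Private Subnet Second AZ

  # ---- NAT gateways (one per AZ so an AZ outage does not take out egress
  # ---- for the other AZ) --------------------------------------------------
  Nat1EIP:
    Type: AWS::EC2::EIP
    # An EIP in a VPC can only be allocated once the IGW is attached.
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  Nat2EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  Nat1:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt Nat1EIP.AllocationId
      SubnetId: !Ref PublicSub1
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} NAT First AZ

  Nat2:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt Nat2EIP.AllocationId
      SubnetId: !Ref PublicSub2
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} NAT Second AZ

  # ---- Public routing: both public subnets share one table -> IGW --------
  PublicRoutingTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Public Routing table

  DefaultPublicRouting:
    Type: AWS::EC2::Route
    # A route to an IGW fails if the IGW is not yet attached to the VPC.
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRoutingTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSub1RoutingTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRoutingTable
      SubnetId: !Ref PublicSub1

  PublicSub2RoutingTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRoutingTable
      SubnetId: !Ref PublicSub2

  # ---- Private routing: one table per AZ -> that AZ's NAT gateway ---------
  # NOTE: logical IDs "PrivateRoutingTable1" / "PrivateRouteTable2" are
  # inconsistent; renaming would replace the resource (and break the exports
  # below), so they are left as-is.
  PrivateRoutingTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Private Routes First AZ

  DefaultPrivateRouting1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRoutingTable1
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref Nat1

  PrivateSub1RoutingTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRoutingTable1
      SubnetId: !Ref PrivateSub1

  PrivateRouteTable2:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: !Sub ${ProjectName} Private Routes Second AZ

  DefaultPrivateRouting2:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref Nat2

  PrivateSub2RoutingTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      SubnetId: !Ref PrivateSub2

# Export names are consumed by other stacks via Fn::ImportValue; keep them
# stable.
Outputs:
  VPC:
    Description: A reference to the created VPC
    Value: !Ref MyVPC
    Export:
      Name: !Sub ${ProjectName}-VPCID

  VPCPublicRoutingTable:
    Description: Public Routing
    Value: !Ref PublicRoutingTable
    Export:
      Name: !Sub ${ProjectName}-PUB-RT

  VPCPrivateRoutingTable1:
    Description: Private Routing AZ1
    Value: !Ref PrivateRoutingTable1
    Export:
      Name: !Sub ${ProjectName}-PRI1-RT

  VPCPrivateRouteTable2:
    Description: Private Routing AZ2
    Value: !Ref PrivateRouteTable2
    Export:
      Name: !Sub ${ProjectName}-PRI2-RT

  PublicSubnets:
    Description: A comma-separated list of the public subnet IDs
    Value: !Join [",", [!Ref PublicSub1, !Ref PublicSub2]]
    Export:
      Name: !Sub ${ProjectName}-PUB-SUBs

  PrivateSubnets:
    Description: A comma-separated list of the private subnet IDs
    Value: !Join [",", [!Ref PrivateSub1, !Ref PrivateSub2]]
    Export:
      Name: !Sub ${ProjectName}-PRIV-SUBs

  PublicSub1:
    Description: A reference to the public subnet in the 1st Availability Zone
    Value: !Ref PublicSub1
    Export:
      Name: !Sub ${ProjectName}-PUB1-SUB

  PublicSub2:
    Description: A reference to the public subnet in the 2nd Availability Zone
    Value: !Ref PublicSub2
    Export:
      Name: !Sub ${ProjectName}-PUB2-SUB

  PrivateSub1:
    Description: A reference to the private subnet in the 1st Availability Zone
    Value: !Ref PrivateSub1
    Export:
      Name: !Sub ${ProjectName}-PRI1-SUB

  PrivateSub2:
    Description: A reference to the private subnet in the 2nd Availability Zone
    Value: !Ref PrivateSub2
    Export:
      Name: !Sub ${ProjectName}-PRI2-SUB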