Javi

AWS: VPC 2AZs

Mar 1st, 2018
  # Two-AZ VPC with one public and one private subnet per AZ (based on the cloudonaut.io template).
---
AWSTemplateFormatVersion: "2010-09-09"
Description: "2AZs (pub+priv) (based on cloudonaut.io template)"
# Invoke with
# aws cloudformation create-stack --stack-name <name> --template-body https://pastebin.com/raw/<id> --parameters ParameterKey=Owner,ParameterValue=<owner> ParameterKey=ClassB,ParameterValue=10 ParameterKey=NatSubnetZone,ParameterValue=B --profile awslabs
#
# NOTE(review): handing an https:// URL to --template-body only works when the CLI
# fetches the URL on your behalf; AWS CLI v2 no longer does that by default, and
# --template-url expects the template to live in S3. A paste can also be edited after
# you have read it, so the stack would be built from whatever the URL serves at deploy
# time. Prefer downloading the template, reviewing it, and deploying the local copy:
# aws cloudformation create-stack --stack-name <name> --template-body file://<local-copy>.yaml --parameters ParameterKey=Owner,ParameterValue=<owner> ParameterKey=ClassB,ParameterValue=10 ParameterKey=NatSubnetZone,ParameterValue=B --profile awslabs
  # Console presentation only: controls how parameters are grouped on the create-stack form.
Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: "VPC Parameters"
        # Only ClassB is listed in this group; Owner and NatSubnetZone are not assigned to any group.
        Parameters: [ClassB]
  # Stack inputs.
Parameters:
  ClassB:
    # Second octet of the VPC range. The default of 0 yields 10.0.0.0/16, a range that
    # is very commonly in use already; pick a distinct value per VPC if the network may
    # later be peered or connected to other networks.
    Type: Number
    Description: "Class B of VPC (10.XXX.0.0/16)"
    Default: 0
    MinValue: 0
    MaxValue: 255
    ConstraintDescription: "Must be in the range [0-255]"
  Owner:
    # No Default, so it must be supplied at create time. No AllowedPattern either:
    # whatever string is passed is copied into the Name and Owner tags of every
    # taggable resource below, so keep it to a plain identifier.
    Type: String
    Description: "Owner of the resources."
  NatSubnetZone:
    # Chooses which public subnet (A or B) hosts the single NAT gateway.
    Type: String
    Description: "NATgw Subnet zone."
    Default: A
    AllowedValues: [A, B]
  # Evaluated once at deploy time from the NatSubnetZone parameter.
Conditions:
  # True when the NAT gateway should live in public subnet A; any other allowed value means B.
  NatInPublicSubnetA:
    Fn::Equals: [!Ref NatSubnetZone, A]
  # Core network: the VPC, its internet gateway, and the attachment that joins them.
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      # ClassB selects the second octet, so the VPC spans 10.<ClassB>.0.0/16.
      CidrBlock: !Sub "10.${ClassB}.0.0/16"
      InstanceTenancy: default
      EnableDnsHostnames: true
      EnableDnsSupport: true
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-vpc-${ClassB}"}
        - {Key: Owner, Value: !Ref Owner}
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-igw-${ClassB}"}
        - {Key: Owner, Value: !Ref Owner}
  # Resources that need a working internet path reference this attachment via DependsOn.
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC
  # Four /20 subnets: A uses the first AZ returned by GetAZs, B the second, so the
  # target region must offer at least two AZs. The template defines no network ACLs,
  # so the VPC's default network ACL applies to all four subnets.
  SubnetAPublic:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [0, !GetAZs ""]
      CidrBlock: !Sub "10.${ClassB}.0.0/20"
      # Instances launched here receive a public IPv4 address unless the launch request
      # overrides it; their exposure is then decided by their security groups alone.
      MapPublicIpOnLaunch: true
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-sub-${ClassB}-A public"}
        - {Key: Reach, Value: public}
        - {Key: Owner, Value: !Ref Owner}
  SubnetAPrivate:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [0, !GetAZs ""]
      CidrBlock: !Sub "10.${ClassB}.16.0/20"
      # MapPublicIpOnLaunch is not set, so no public address is auto-assigned here.
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-sub-${ClassB}-A private"}
        - {Key: Reach, Value: private}
        - {Key: Owner, Value: !Ref Owner}
  SubnetBPublic:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [1, !GetAZs ""]
      CidrBlock: !Sub "10.${ClassB}.32.0/20"
      # Same auto-assign behaviour as public subnet A.
      MapPublicIpOnLaunch: true
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-sub-${ClassB}-B public"}
        - {Key: Reach, Value: public}
        - {Key: Owner, Value: !Ref Owner}
  SubnetBPrivate:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [1, !GetAZs ""]
      CidrBlock: !Sub "10.${ClassB}.48.0/20"
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-sub-${ClassB}-B private"}
        - {Key: Reach, Value: private}
        - {Key: Owner, Value: !Ref Owner}
  # Routing: one route table shared by both public subnets and one shared by both
  # private subnets. Only the public table gets a route to the internet gateway here.
  RouteTablePublic:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-rt-${ClassB}-public"}
        - {Key: Owner, Value: !Ref Owner}
  RouteTablePrivate:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - {Key: Name, Value: !Sub "${Owner}-rt-${ClassB}-private"}
        - {Key: Owner, Value: !Ref Owner}
  RouteTableAssociationAPublic:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTablePublic
      SubnetId: !Ref SubnetAPublic
  RouteTableAssociationAPrivate:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTablePrivate
      SubnetId: !Ref SubnetAPrivate
  RouteTableAssociationBPublic:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTablePublic
      SubnetId: !Ref SubnetBPublic
  RouteTableAssociationBPrivate:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTablePrivate
      SubnetId: !Ref SubnetBPrivate
  # Default route of the public table; created only after the gateway is attached to the VPC.
  RouteTablePublicInternetRoute:
    Type: AWS::EC2::Route
    DependsOn: VPCGatewayAttachment
    Properties:
      RouteTableId: !Ref RouteTablePublic
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId: !Ref InternetGateway
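  # Outbound-only internet access for the private subnets: one Elastic IP, one NAT
  # gateway, and the private route table's default route through that gateway.
  # Both private subnets share this single gateway, so losing the AZ that hosts it
  # removes internet egress for the private subnet in the other AZ as well.
  EIP:
    Type: AWS::EC2::EIP
    # A VPC Elastic IP declared in the same template as the VPC must wait for the
    # internet gateway attachment before it is allocated.
    DependsOn: VPCGatewayAttachment
    Properties:
      # Fixed: the listing had `vp`, which is not an accepted Domain value; an address
      # meant for use inside a VPC is declared with `vpc`.
      Domain: vpc
  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt EIP.AllocationId
      # The NAT gateway sits in a public subnet; NatSubnetZone decides whether that is A or B.
      SubnetId: !If [NatInPublicSubnetA, !Ref SubnetAPublic, !Ref SubnetBPublic]
  # Default route of the shared private route table. Traffic leaves through the NAT
  # gateway, so private instances can open outbound connections without being
  # reachable from the internet.
  Route:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref RouteTablePrivate
      DestinationCidrBlock: "0.0.0.0/0"
      NatGatewayId: !Ref NatGateway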
  # Stack outputs. Every output with an Export publishes its value under "<stack name>-<suffix>".
Outputs:
  TemplateID:
    Description: "cloudonaut.io template id"
    Value: "vpc/vpc-2azs"
  StackName:
    Description: "Stack name"
    Value: !Ref AWS::StackName
  AZs:
    Description: "AZs"
    Value: 2
    Export:
      Name: !Sub "${AWS::StackName}-AZs"
  AZA:
    Description: "AZ of A"
    Value: !Select [0, !GetAZs ""]
    Export:
      Name: !Sub "${AWS::StackName}-AZA"
  AZB:
    Description: "AZ of B"
    Value: !Select [1, !GetAZs ""]
    Export:
      Name: !Sub "${AWS::StackName}-AZB"
  ClassB:
    Description: "Class B."
    Value: !Ref ClassB
    Export:
      Name: !Sub "${AWS::StackName}-ClassB"
  VPC:
    Description: "VPC."
    Value: !Ref VPC
    Export:
      Name: !Sub "${AWS::StackName}-VPC"
  # Comma-separated subnet id lists, A first and B second.
  SubnetsPublic:
    Description: "Subnets public."
    Value: !Join [",", [!Ref SubnetAPublic, !Ref SubnetBPublic]]
    Export:
      Name: !Sub "${AWS::StackName}-SubnetsPublic"
  SubnetsPrivate:
    Description: "Subnets private."
    Value: !Join [",", [!Ref SubnetAPrivate, !Ref SubnetBPrivate]]
    Export:
      Name: !Sub "${AWS::StackName}-SubnetsPrivate"
  SubnetAPublic:
    Description: "Subnet A public."
    Value: !Ref SubnetAPublic
    Export:
      Name: !Sub "${AWS::StackName}-SubnetAPublic"
  # NOTE(review): the output key is SubnetPrivate while the description, value and export
  # name all say SubnetAPrivate. The key is left as it is because anything reading stack
  # outputs by key depends on it; the export name is the consistent one.
  SubnetPrivate:
    Description: "Subnet A private."
    Value: !Ref SubnetAPrivate
    Export:
      Name: !Sub "${AWS::StackName}-SubnetAPrivate"
  SubnetBPublic:
    Description: "Subnet B public."
    Value: !Ref SubnetBPublic
    Export:
      Name: !Sub "${AWS::StackName}-SubnetBPublic"
  SubnetBPrivate:
    Description: "Subnet B private."
    Value: !Ref SubnetBPrivate
    Export:
      Name: !Sub "${AWS::StackName}-SubnetBPrivate"
  RouteTablePrivate:
    Description: "Route table private (deprecated in v4, will be removed in v5)."
    Value: !Ref RouteTablePrivate
    Export:
      Name: !Sub "${AWS::StackName}-RouteTablePrivate"
  RouteTablePublic:
    Description: "Route table public (deprecated in v4, will be removed in v5)."
    Value: !Ref RouteTablePublic
    Export:
      Name: !Sub "${AWS::StackName}-RouteTablePublic"
  # Source address seen by external services for traffic leaving the private subnets;
  # this is the value to hand to partners who allow-list by IP.
  NATIPAddress:
    Description: "The public IP address of the NAT gateway."
    Value: !Ref EIP
    Export:
      Name: !Sub "${AWS::StackName}-NATIPAddress"