Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- AWSTemplateFormatVersion: '2010-09-09'
- Description: Creates a VPC that and then creates a peering connection with an existing
- VPC that you specify.
- Parameters:
- EC2KeyPairName:
- Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
- Type: AWS::EC2::KeyPair::KeyName
- ConstraintDescription: must be the name of an existing EC2 KeyPair.
- InstanceType:
- Description: EC2 instance type
- Type: String
- Default: t1.micro
- AllowedValues:
- - t1.micro
- - m1.small
- - m3.medium
- - m3.large
- - m3.xlarge
- - m3.2xlarge
- - c3.large
- - c3.xlarge
- - c3.2xlarge
- - c3.4xlarge
- - c3.8xlarge
- ConstraintDescription: must be a valid EC2 instance type.
- myVPCIDCIDRRange:
- Description: The IP address range for your new VPC.
- Type: String
- MinLength: '9'
- MaxLength: '18'
- Default: 10.1.0.0/16
- AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
- ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
- myPrivateVPCIDCIDRRange:
- Description: The IP address range for your new Private VPC.
- Type: String
- MinLength: '9'
- MaxLength: '18'
- Default: 10.0.0.0/16
- AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
- ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
- EC2SubnetCIDRRange:
- Description: The IP address range for a subnet in myPrivateVPC.
- Type: String
- MinLength: '9'
- MaxLength: '18'
- Default: 10.0.0.0/24
- AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
- ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
- EC2PublicSubnetCIDRRange:
- Description: The IP address range for a subnet in myVPC.
- Type: String
- MinLength: '9'
- MaxLength: '18'
- Default: 10.1.0.0/24
- AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
- ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
- Mappings:
- AWSRegionToAMI:
- us-east-1:
- '64': ami-fb8e9292
- us-west-2:
- '64': ami-043a5034
- us-west-1:
- '64': ami-7aba833f
- eu-west-1:
- '64': ami-2918e35e
- ap-southeast-1:
- '64': ami-b40d5ee6
- ap-southeast-2:
- '64': ami-3b4bd301
- ap-northeast-1:
- '64': ami-c9562fc8
- sa-east-1:
- '64': ami-215dff3c
- Resources:
- myPrivateVPC:
- Type: AWS::EC2::VPC
- Properties:
- CidrBlock:
- Ref: myPrivateVPCIDCIDRRange
- EnableDnsSupport: false
- EnableDnsHostnames: false
- InstanceTenancy: default
- myPrivateEC2Subnet:
- Type: AWS::EC2::Subnet
- Properties:
- VpcId:
- Ref: myPrivateVPC
- CidrBlock:
- Ref: EC2SubnetCIDRRange
- RouteTable:
- Type: AWS::EC2::RouteTable
- Properties:
- VpcId:
- Ref: myPrivateVPC
- PeeringRoute1:
- Type: AWS::EC2::Route
- Properties:
- DestinationCidrBlock: 0.0.0.0/0
- RouteTableId:
- Ref: RouteTable
- VpcPeeringConnectionId:
- Ref: myVPCPeeringConnection
- SubnetRouteTableAssociation:
- Type: AWS::EC2::SubnetRouteTableAssociation
- Properties:
- SubnetId:
- Ref: myPrivateEC2Subnet
- RouteTableId:
- Ref: RouteTable
- myVPC:
- Type: AWS::EC2::VPC
- Properties:
- CidrBlock:
- Ref: myVPCIDCIDRRange
- EnableDnsSupport: true
- EnableDnsHostnames: true
- InstanceTenancy: default
- PublicSubnet:
- Type: AWS::EC2::Subnet
- Properties:
- CidrBlock:
- Ref: EC2PublicSubnetCIDRRange
- VpcId:
- Ref: myVPC
- myInternetGateway:
- Type: AWS::EC2::InternetGateway
- AttachGateway:
- Type: AWS::EC2::VPCGatewayAttachment
- Properties:
- VpcId:
- Ref: myVPC
- InternetGatewayId:
- Ref: myInternetGateway
- PublicRouteTable:
- Type: AWS::EC2::RouteTable
- Properties:
- VpcId:
- Ref: myVPC
- PeeringRoute2:
- Type: AWS::EC2::Route
- Properties:
- DestinationCidrBlock:
- Ref: myPrivateVPCIDCIDRRange
- RouteTableId:
- Ref: PublicRouteTable
- VpcPeeringConnectionId:
- Ref: myVPCPeeringConnection
- PublicRoute:
- Type: AWS::EC2::Route
- DependsOn: AttachGateway
- Properties:
- RouteTableId:
- Ref: PublicRouteTable
- DestinationCidrBlock: 0.0.0.0/0
- GatewayId:
- Ref: myInternetGateway
- PublicSubnetRouteTableAssociation:
- Type: AWS::EC2::SubnetRouteTableAssociation
- Properties:
- SubnetId:
- Ref: PublicSubnet
- RouteTableId:
- Ref: PublicRouteTable
- myPrivateVPCEC2SecurityGroup:
- Type: AWS::EC2::SecurityGroup
- Properties:
- GroupDescription: Private instance security group
- VpcId:
- Ref: myPrivateVPC
- SecurityGroupIngress:
- - IpProtocol: "-1"
- FromPort: '0'
- ToPort: '65535'
- CidrIp: 0.0.0.0/0
- myVPCEC2SecurityGroup:
- Type: AWS::EC2::SecurityGroup
- Properties:
- GroupDescription: Public instance security group
- VpcId:
- Ref: myVPC
- SecurityGroupIngress:
- - IpProtocol: tcp
- FromPort: '80'
- ToPort: '80'
- CidrIp: 0.0.0.0/0
- - IpProtocol: tcp
- FromPort: '22'
- ToPort: '22'
- CidrIp: 0.0.0.0/0
- myPrivateInstance:
- Type: AWS::EC2::Instance
- Properties:
- SecurityGroupIds:
- - Ref: myPrivateVPCEC2SecurityGroup
- SubnetId:
- Ref: myPrivateEC2Subnet
- KeyName:
- Ref: EC2KeyPairName
- ImageId:
- Fn::FindInMap:
- - AWSRegionToAMI
- - Ref: AWS::Region
- - '64'
- myInstance:
- Type: AWS::EC2::Instance
- Properties:
- NetworkInterfaces:
- - AssociatePublicIpAddress: 'true'
- DeviceIndex: '0'
- GroupSet:
- - Ref: myVPCEC2SecurityGroup
- SubnetId:
- Ref: PublicSubnet
- KeyName:
- Ref: EC2KeyPairName
- ImageId:
- Fn::FindInMap:
- - AWSRegionToAMI
- - Ref: AWS::Region
- - '64'
- myVPCPeeringConnection:
- Type: AWS::EC2::VPCPeeringConnection
- Properties:
- VpcId:
Add Comment
Please, Sign In to add comment