cf-public-private-network-weather.yaml
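---
# CloudFormation template: one VPC (192.168.0.0/20) with one public and one
# private subnet, an Internet Gateway, a NAT Gateway, one route table per
# subnet, and explicit rules on the VPC's default security group.
#
# NOTE(review): nesting was lost on the page this was taken from and has been
# restored here from the resource structure. "Author:" is assumed to be the
# last line of the Description text - confirm against the original file.
AWSTemplateFormatVersion: "2010-09-09"
# NOTE(review): the description names us-east-2b and "several subnets", but
# the template picks the availability zone by index (element 1 of Fn::GetAZs)
# in whatever region the stack is created in, and defines exactly one private
# subnet. The Internet Gateway is attached to the VPC; only the NAT Gateway
# sits in the public subnet.
Description: >
  Setup for a VPC with one public and one private subnets.
  Several subnets will be deployed, one public in us-east-2b,
  the rest is private. A Internet Gateway and NAT Gateway
  are deployed in the public subnet.
  Author: maxhaws@

Resources:
  # 192.168.0.0/20 covers 192.168.0.0 - 192.168.15.255. The subnets below use
  # 192.168.0.0/22 (private) and 192.168.12.0/22 (public); 192.168.4.0/22 and
  # 192.168.8.0/22 are left unallocated.
  # No AWS::EC2::FlowLog resource is defined in this template; add VPC flow
  # logs if network telemetry is needed for detection or incident response.
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 192.168.0.0/20
      EnableDnsHostnames: true
      EnableDnsSupport: true
      Tags:
        - Key: Name
          Value: vpc-hpc

  # Public subnet: routed to the Internet Gateway via PublicRouteTable.
  publicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 192.168.12.0/22
      # Element 1 (the second entry) of the AZ list for the stack's region.
      AvailabilityZone:
        Fn::Select:
          - 1
          - Fn::GetAZs: ""
      # Every instance launched here gets a public IPv4 address by default,
      # so its exposure is decided solely by its security groups. Launch only
      # hosts that must be reachable from the internet in this subnet.
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: subnet-hpc-public
      VpcId: !Ref VPC

  # Private subnet: no public IPs; outbound traffic leaves through the NAT
  # Gateway (see DefaultPrivateRoute). It uses the same AZ index as the public
  # subnet, so both subnets are in one availability zone.
  privateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: 192.168.0.0/22
      AvailabilityZone:
        Fn::Select:
          - 1
          - Fn::GetAZs: ""
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: subnet-hpc-private
      VpcId: !Ref VPC

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: igw-hpc

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  # Elastic IP for the NAT Gateway; created only after the Internet Gateway
  # is attached to the VPC.
  NatGatewayEIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGatewayEIP.AllocationId
      SubnetId: !Ref publicSubnet

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: route-hpc-public

  # Default route of the public subnet: straight to the Internet Gateway.
  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref publicSubnet

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: route-hpc-private

  # Default route of the private subnet: all non-local traffic goes out
  # through the NAT Gateway. Routing places no limit on destinations; any
  # egress restriction has to come from security groups or network ACLs.
  DefaultPrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref privateSubnet1

  # The three rules below are written onto the VPC's *default* security group,
  # the group an instance receives when none is named at launch.
  # NOTE(review): hardening baselines such as the CIS AWS Foundations
  # Benchmark recommend keeping the default group free of rules and attaching
  # a purpose-built AWS::EC2::SecurityGroup to workloads instead, so that a
  # resource launched without an explicit group is not silently given
  # open access.
  #
  # IpProtocol is a String property, so "-1" (all protocols) is quoted. With
  # protocol -1 the FromPort/ToPort values do not narrow the rule.

  # Egress: any protocol/port to members of the default security group.
  AllDefaultSecurityGroupEgress:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
      DestinationSecurityGroupId: !GetAtt VPC.DefaultSecurityGroup
      FromPort: -1
      GroupId: !GetAtt VPC.DefaultSecurityGroup
      IpProtocol: "-1"
      ToPort: -1

  # Egress: any protocol/port to any IPv4 address. Unrestricted outbound
  # access; narrow CidrIp / ports to the destinations the workload needs if
  # egress control matters in this environment.
  InternetDefaultSecurityGroupEgress:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
      CidrIp: 0.0.0.0/0
      FromPort: -1
      GroupId: !GetAtt VPC.DefaultSecurityGroup
      IpProtocol: "-1"
      ToPort: -1

  # Ingress: any protocol/port, but only from members of the default security
  # group itself. No rule in this template admits traffic from 0.0.0.0/0.
  AllDefaultSecurityGroupIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      SourceSecurityGroupId: !GetAtt VPC.DefaultSecurityGroup
      FromPort: -1
      GroupId: !GetAtt VPC.DefaultSecurityGroup
      IpProtocol: "-1"
      ToPort: -1

# Stack outputs. The subnet outputs are comma-joined lists that currently
# hold a single subnet ID each.
Outputs:
  VPC:
    Description: A reference to the created VPC
    Value: !Ref VPC
  PublicSubnets:
    Description: A list of the public subnets
    Value: !Join [ ",", [ !Ref publicSubnet ]]
  PrivateSubnets:
    Description: A list of the private subnets
    Value: !Join [ ",", [ !Ref privateSubnet1 ]]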