Permalink
Find file Copy path
c26fcbe Mar 26, 2018
1 contributor

Users who have contributed to this file

177 lines (174 sloc) 5.64 KB
###################################################################################################
#### Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
####
#### Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file
#### except in compliance with the License. A copy of the License is located at
####
#### http://aws.amazon.com/apache2.0/
####
#### or in the "license" file accompanying this file. This file is distributed on an "AS IS"
#### BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#### License for the specific language governing permissions and limitations under the License.
###################################################################################################
###################################################################################################
#### By default, Elastic Beanstalk creates all of your application's compute and networking
#### resources in the default VPC. Use this template to create a custom VPC to isolate your
#### environment's resources in a private subnet with customizable security.
####
#### This template creates the following resources-
#### - A VPC with the IP range 172.31.0.0/16
#### - 2 private subnets for the EC2 instances that run your application
#### - 2 public subnets for the load balancer that routes traffic to the instances
#### - An Internet gateway, NAT gateway, and route table to allow the instances
#### to communicate with the load balancer and the Internet.
####
###################################################################################################
Resources:
PubPrivateVPC:
Type: 'AWS::EC2::VPC'
Properties:
CidrBlock: 172.31.0.0/16
Tags:
- Key: Name
Value: !Join [_, [!Ref 'AWS::StackName']]
PublicSubnet1:
Type: 'AWS::EC2::Subnet'
Properties:
VpcId: !Ref PubPrivateVPC
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs: ""
CidrBlock: 172.31.0.0/24
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Join [_, [!Ref 'AWS::StackName',Public]]
PublicSubnet2:
Type: 'AWS::EC2::Subnet'
Properties:
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs: ""
VpcId: !Ref PubPrivateVPC
CidrBlock: 172.31.1.0/24
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Join [_, [!Ref 'AWS::StackName',Public]]
PrivateSubnet1:
Type: 'AWS::EC2::Subnet'
Properties:
VpcId: !Ref PubPrivateVPC
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs: ""
CidrBlock: 172.31.3.0/24
MapPublicIpOnLaunch: false
Tags:
- Key: Name
Value: !Join [_, [!Ref 'AWS::StackName',Private]]
PrivateSubnet2:
Type: 'AWS::EC2::Subnet'
Properties:
VpcId: !Ref PubPrivateVPC
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs: ""
CidrBlock: 172.31.2.0/24
MapPublicIpOnLaunch: false
Tags:
- Key: Name
Value: !Join [_, [!Ref 'AWS::StackName',Private]]
InternetGateway:
Type: 'AWS::EC2::InternetGateway'
Properties:
Tags:
- Key: Name
Value: !Join [_, [!Ref 'AWS::StackName']]
GatewayToInternet:
Type: 'AWS::EC2::VPCGatewayAttachment'
Properties:
VpcId: !Ref PubPrivateVPC
InternetGatewayId: !Ref InternetGateway
PublicRouteTable:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref PubPrivateVPC
PublicRoute:
Type: 'AWS::EC2::Route'
DependsOn: GatewayToInternet
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
PublicSubnet1RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PublicSubnet1
RouteTableId: !Ref PublicRouteTable
PublicSubnet2RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PublicSubnet2
RouteTableId: !Ref PublicRouteTable
NatGateway:
Type: "AWS::EC2::NatGateway"
DependsOn: NatPublicIP
Properties:
AllocationId: !GetAtt NatPublicIP.AllocationId
SubnetId: !Ref PublicSubnet1
NatPublicIP:
Type: "AWS::EC2::EIP"
DependsOn: PubPrivateVPC
Properties:
Domain: vpc
PrivateRouteTable:
Type: 'AWS::EC2::RouteTable'
Properties:
VpcId: !Ref PubPrivateVPC
PrivateRoute:
Type: 'AWS::EC2::Route'
Properties:
RouteTableId: !Ref PrivateRouteTable
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId: !Ref NatGateway
PrivateSubnet1RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PrivateSubnet1
RouteTableId: !Ref PrivateRouteTable
PrivateSubnet2RouteTableAssociation:
Type: 'AWS::EC2::SubnetRouteTableAssociation'
Properties:
SubnetId: !Ref PrivateSubnet2
RouteTableId: !Ref PrivateRouteTable
Outputs:
PubPrivateVPCID:
Description: VPC ID
Value: !Ref "PubPrivateVPC"
Export:
Name: BeanstalkVPCID
PrivateSubnet1ID:
Description: Private Subnet A ID
Value: !Ref "PrivateSubnet1"
Export:
Name: BeanstalkPrivateSubnet1ID
PrivateSubnet2ID:
Description: Private Subnet B ID
Value: !Ref "PrivateSubnet2"
Export:
Name: BeanstalkPrivateSubnet2ID
PublicSubnet1ID:
Description: Public Subnet A ID
Value: !Ref "PublicSubnet1"
Export:
Name: BeanstalkPublicSubnet1ID
PublicSubnet2ID:
Description: Public Subnet B ID
Value: !Ref "PublicSubnet2"
Export:
Name: BeanstalkPublicSubnet2ID