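Resources:
  ######################
  ## VPC basics
  ######################
  # Dev VPC. DNS support and hostnames are enabled so resources placed in the
  # VPC (the Lambda security group below suggests VPC-attached functions) can
  # resolve names through the VPC resolver.
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: t10-fn-vpc-dev

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: t10-fn-internetgateway-dev

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId:
        Ref: InternetGateway
      VpcId:
        Ref: VPC

  ######################
  ## Subnet Public
  ######################
  # Single public subnet (eu-west-2a) hosting the NAT gateway. Instances
  # launched here get a public IP automatically.
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: VPC
      AvailabilityZone: eu-west-2a
      CidrBlock: 10.0.11.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: t10-fn-public-subnet-az1-dev

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: VPC
      Tags:
        - Key: Name
          Value: t10-fn-public-rt-dev

  # Default route to the internet. A route that targets an internet gateway
  # can only be created once the gateway is attached to the VPC, so the
  # dependency is on the attachment, not on the gateway resource itself
  # (the original depended on InternetGateway, which can race the attachment).
  PublicRouteTableRoute1:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId:
        Ref: PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId:
        Ref: InternetGateway

  PublicRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PublicSubnet1
      RouteTableId:
        Ref: PublicRouteTable

  # Elastic IP for the NAT gateway. Domain is the literal string "vpc"; the
  # original passed `Ref: VPC` (a VPC ID), which is not a valid value for this
  # property. Allocating a VPC-scoped EIP also requires the internet gateway
  # to be attached, hence the explicit DependsOn.
  PublicElasticIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  # NOTE(review): a single NAT gateway in eu-west-2a serves private subnets in
  # all three AZs, so it is a single point of failure for egress and incurs
  # cross-AZ traffic. Acceptable for "dev"; revisit before reuse elsewhere.
  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      # The long-form Fn::GetAtt takes a two-element list; the dotted
      # "Resource.Attribute" string form is only valid with the !GetAtt
      # short form.
      AllocationId:
        Fn::GetAtt:
          - PublicElasticIP
          - AllocationId
      SubnetId:
        Ref: PublicSubnet1
      Tags:
        - Key: Name
          Value: t10-fn-natgateway-dev

  ######################
  ## Subnet Private
  ######################
  # Three private subnets, one per AZ, with no public IPs on launch. They all
  # share PrivateRouteTable and therefore egress through the single NAT gateway.
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: VPC
      AvailabilityZone: eu-west-2a
      CidrBlock: 10.0.21.0/24
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: t10-fn-private-subnet-az1-dev

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: VPC
      AvailabilityZone: eu-west-2b
      CidrBlock: 10.0.22.0/24
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: t10-fn-private-subnet-az2-dev

  PrivateSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId:
        Ref: VPC
      AvailabilityZone: eu-west-2c
      CidrBlock: 10.0.23.0/24
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: t10-fn-private-subnet-az3-dev

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: VPC
      Tags:
        - Key: Name
          Value: t10-fn-private-rt-dev

  # Default route for the private subnets via the NAT gateway (outbound only).
  PrivateRouteTableRoute1:
    Type: AWS::EC2::Route
    DependsOn: NatGateway
    Properties:
      RouteTableId:
        Ref: PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId:
        Ref: NatGateway

  PrivateRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PrivateSubnet1
      RouteTableId:
        Ref: PrivateRouteTable

  PrivateRouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PrivateSubnet2
      RouteTableId:
        Ref: PrivateRouteTable

  PrivateRouteTableAssociation3:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PrivateSubnet3
      RouteTableId:
        Ref: PrivateRouteTable

  ######################
  ## Security NACL
  ######################
  # NOTE(review): the two entries below allow all traffic in both directions,
  # which is equivalent to the VPC's default NACL, so this ACL currently adds
  # no filtering. It is only associated with the private subnets; PublicSubnet1
  # stays on the default NACL. Tighten the rules here if the NACL is meant to
  # be a real control rather than a placeholder.
  NetworkAcl:
    Type: AWS::EC2::NetworkAcl
    Properties:
      VpcId:
        Ref: VPC
      Tags:
        - Key: Name
          Value: t10-fn-nacl-dev

  # Inbound: allow all protocols from anywhere. Egress, Protocol and RuleNumber
  # are typed Boolean/Integer by CloudFormation, so they are written as native
  # YAML values rather than quoted strings.
  NetworkAclEntryfn100:
    Type: AWS::EC2::NetworkAclEntry
    Properties:
      CidrBlock: 0.0.0.0/0
      Egress: false
      NetworkAclId:
        Ref: NetworkAcl
      Protocol: -1
      RuleAction: allow
      RuleNumber: 100

  # Outbound: allow all protocols to anywhere.
  NetworkAclEntryOutbound100:
    Type: AWS::EC2::NetworkAclEntry
    Properties:
      CidrBlock: 0.0.0.0/0
      Egress: true
      NetworkAclId:
        Ref: NetworkAcl
      Protocol: -1
      RuleAction: allow
      RuleNumber: 100

  PrivateSubnetNetworkAclAssociation1:
    Type: AWS::EC2::SubnetNetworkAclAssociation
    Properties:
      SubnetId:
        Ref: PrivateSubnet1
      NetworkAclId:
        Ref: NetworkAcl

  PrivateSubnetNetworkAclAssociation2:
    Type: AWS::EC2::SubnetNetworkAclAssociation
    Properties:
      SubnetId:
        Ref: PrivateSubnet2
      NetworkAclId:
        Ref: NetworkAcl

  PrivateSubnetNetworkAclAssociation3:
    Type: AWS::EC2::SubnetNetworkAclAssociation
    Properties:
      SubnetId:
        Ref: PrivateSubnet3
      NetworkAclId:
        Ref: NetworkAcl

  ######################
  ## Security Group(s)
  ######################
  # Security group intended for VPC-attached Lambda functions.
  # NOTE(review): the ingress rule admits every protocol from 0.0.0.0/0. Lambda
  # ENIs do not accept inbound connections, so this rule grants nothing the
  # function needs while still being reported as an open-ingress finding by
  # scanners; consider dropping SecurityGroupIngress entirely (outbound is
  # allowed by default) before this group is reused for anything that does
  # listen. A fixed GroupName also blocks updates that would require
  # replacement and prevents deploying the stack twice in one VPC.
  LambdaSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: t10-fn-lambda-sg
      GroupDescription: t10-fn-lambda-sg
      SecurityGroupIngress:
        - IpProtocol: -1
          CidrIp: 0.0.0.0/0
      VpcId:
        Ref: VPC
      Tags:
        - Key: Name
          Value: t10-fn-lambda-sg-dev

######################
## OUTPUT
######################
# Outputs:
#   VPC:
#     Description: A reference to the created VPC
#     Value:
#       Ref: VPC
#     Export:
#       Name: t10-fn-vpc-id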