Skip to content

Instantly share code, notes, and snippets.

@y13i

y13i/generic_aws_network.yml

Last active February 13, 2021 11:18
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save y13i/68939aad72c68dcbf6bed028476bd1a7 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save y13i/68939aad72c68dcbf6bed028476bd1a7 to your computer and use it in GitHub Desktop.
Download ZIP
Generic AWS VPC Networking Template
Raw
generic_aws_network.yml
Description: Generic AWS VPC Networking
Parameters:
PrivateToInternetAccess:
Type: String
Description: If true, NAT Gateways and Elastic IPs will be created for the internet access from private subnets.
AllowedValues:
- "false"
- "true"
Default: "false"
CidrPrefix:
Type: String
Description: Prefix of the network ranges.
Default: "10.0"
Conditions:
PrivateToInternetAccessCondition:
Fn::Equals:
- Ref: PrivateToInternetAccess
- "true"
Resources:
Vpc:
Type: AWS::EC2::VPC
Properties:
EnableDnsSupport: true
EnableDnsHostnames: true
CidrBlock:
Fn::Join:
- ""
- - Ref: CidrPrefix
- .0.0/16
Tags:
- Key: Name
Value:
Ref: AWS::StackName
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Name
Value:
Ref: AWS::StackName
InternetGatewayAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId:
Ref: Vpc
InternetGatewayId:
Ref: InternetGateway
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- public
PublicToInternetRoute:
Type: AWS::EC2::Route
Properties:
DestinationCidrBlock: 0.0.0.0/0
RouteTableId:
Ref: PublicRouteTable
GatewayId:
Ref: InternetGateway
PublicSubnet0:
Type: AWS::EC2::Subnet
Properties:
CidrBlock:
Fn::Join:
- ""
- - Ref: CidrPrefix
- .0.0/22
MapPublicIpOnLaunch: true
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs:
Ref: AWS::Region
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- public
- "0"
PublicSubnet0RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: PublicRouteTable
SubnetId:
Ref: PublicSubnet0
PublicSubnet1:
Type: AWS::EC2::Subnet
Properties:
CidrBlock:
Fn::Join:
- ""
- - Ref: CidrPrefix
- .4.0/22
MapPublicIpOnLaunch: true
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs:
Ref: AWS::Region
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- public
- "1"
PublicSubnet1RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: PublicRouteTable
SubnetId:
Ref: PublicSubnet1
PrivateRouteTable0:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- private
- "0"
PrivateToInternetRoute0:
Type: AWS::EC2::Route
Condition: PrivateToInternetAccessCondition
Properties:
DestinationCidrBlock: 0.0.0.0/0
RouteTableId:
Ref: PrivateRouteTable0
NatGatewayId:
Ref: NatGateway0
PrivateSubnet0:
Type: AWS::EC2::Subnet
Properties:
CidrBlock:
Fn::Join:
- ""
- - Ref: CidrPrefix
- .8.0/22
MapPublicIpOnLaunch: false
AvailabilityZone:
Fn::Select:
- 0
- Fn::GetAZs:
Ref: AWS::Region
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- private
- "0"
PrivateSubnet0RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: PrivateRouteTable0
SubnetId:
Ref: PrivateSubnet0
ElasticIp0:
Type: AWS::EC2::EIP
Condition: PrivateToInternetAccessCondition
Properties:
Domain: vpc
NatGateway0:
Type: AWS::EC2::NatGateway
Condition: PrivateToInternetAccessCondition
Properties:
AllocationId:
Fn::GetAtt:
- ElasticIp0
- AllocationId
SubnetId:
Ref: PublicSubnet0
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- "0"
PrivateRouteTable1:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- private
- "1"
PrivateToInternetRoute1:
Type: AWS::EC2::Route
Condition: PrivateToInternetAccessCondition
Properties:
DestinationCidrBlock: 0.0.0.0/0
RouteTableId:
Ref: PrivateRouteTable1
NatGatewayId:
Ref: NatGateway1
PrivateSubnet1:
Type: AWS::EC2::Subnet
Properties:
CidrBlock:
Fn::Join:
- ""
- - Ref: CidrPrefix
- .12.0/22
MapPublicIpOnLaunch: false
AvailabilityZone:
Fn::Select:
- 1
- Fn::GetAZs:
Ref: AWS::Region
VpcId:
Ref: Vpc
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- private
- "1"
PrivateSubnet1RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId:
Ref: PrivateRouteTable1
SubnetId:
Ref: PrivateSubnet1
ElasticIp1:
Type: AWS::EC2::EIP
Condition: PrivateToInternetAccessCondition
Properties:
Domain: vpc
NatGateway1:
Type: AWS::EC2::NatGateway
Condition: PrivateToInternetAccessCondition
Properties:
AllocationId:
Fn::GetAtt:
- ElasticIp1
- AllocationId
SubnetId:
Ref: PublicSubnet1
Tags:
- Key: Name
Value:
Fn::Join:
- "-"
- - Ref: AWS::StackName
- "1"
VPCEndpointForS3:
Type: AWS::EC2::VPCEndpoint
Properties:
RouteTableIds:
- Ref: PublicRouteTable
- Ref: PrivateRouteTable0
- Ref: PrivateRouteTable1
VpcId:
Ref: Vpc
ServiceName:
Fn::Join:
- "."
- - com
- amazonaws
- Ref: AWS::Region
- s3
VPCEndpointForDynamoDB:
Type: AWS::EC2::VPCEndpoint
Properties:
RouteTableIds:
- Ref: PublicRouteTable
- Ref: PrivateRouteTable0
- Ref: PrivateRouteTable1
VpcId:
Ref: Vpc
ServiceName:
Fn::Join:
- "."
- - com
- amazonaws
- Ref: AWS::Region
- dynamodb
DBSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupDescription:
Ref: AWS::StackName
SubnetIds:
- Ref: PrivateSubnet0
- Ref: PrivateSubnet1
Tags:
- Key: Name
Value:
Ref: AWS::StackName
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment