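AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  Creates one subnet in an existing VPC and associates it with a caller-supplied
  route table. For a public subnet an EIP is allocated and, optionally, a NAT
  gateway plus a route table that private subnets can use for egress.

Parameters:
  AvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Description: Availability zone in which to create the subnet

  Cidr:
    Type: String
    Description: IP address range which instances in this subnet will be assigned
    # Validate the block at parameter time so a typo is rejected before the
    # stack starts creating resources, instead of failing on the Subnet.
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$'
    ConstraintDescription: Must be an IPv4 CIDR block of the form x.x.x.x/n

  CreateNatGateway:
    Type: String
    Description: >
      Only for public subnets, a NAT gateway and route table can be created.
      A private subnet can then use the route table to route egress traffic to the NAT gateway.
    # Quoted on purpose: bare yes/no are booleans to YAML 1.1 loaders and the
    # IsCreateNatGateway condition compares against the string 'yes'.
    AllowedValues:
      - 'yes'
      - 'no'

  Name:
    Type: String
    Description: Name of subnet resources (e.g. private, servers, etc.)
    # Lower-case alphanumerics and hyphens only; the value is reused verbatim
    # in the ${Name}-nat tag below.
    AllowedPattern: '^[a-z0-9-]*$'

  RouteTableId:
    Type: String
    Description: ID of the route table which this subnet will use for routing traffic

  SubnetType:
    Type: String
    Description: >
      Is this a public or private subnet? Public subnets will get an EIP
      and can have a NAT gateway generated in them.
    AllowedValues:
      - 'public'
      - 'private'

  VpcId:
    Type: AWS::EC2::VPC::Id
    Description: ID of the VPC in which resources will be created

Conditions:
  IsPublicSubnet: !Equals [!Ref SubnetType, 'public']
  # A NAT gateway is only built in a public subnet; CreateNatGateway='yes' on a
  # private subnet is silently ignored rather than rejected.
  IsCreateNatGateway: !And [!Condition IsPublicSubnet, !Equals [!Ref CreateNatGateway, 'yes']]

Resources:
  Subnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VpcId
      AvailabilityZone: !Ref AvailabilityZone
      CidrBlock: !Ref Cidr
      # Auto-assign public IPv4 addresses only in public subnets. A private
      # subnet must not hand its instances a public address; that would expose
      # them directly to the internet regardless of the route table.
      MapPublicIpOnLaunch: !If [IsPublicSubnet, true, false]
      Tags:
        - Key: Name
          Value: !Ref Name

  RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref RouteTableId
      SubnetId: !Ref Subnet

  # Allocated for every public subnet (as the SubnetType description states);
  # it is only consumed by NatGateway below.
  EIP:
    Type: AWS::EC2::EIP
    Condition: IsPublicSubnet
    Properties:
      Domain: vpc

  NatGateway:
    Type: AWS::EC2::NatGateway
    Condition: IsCreateNatGateway
    Properties:
      # GetAtt on the EIP also gives CloudFormation the ordering dependency.
      AllocationId: !GetAtt EIP.AllocationId
      SubnetId: !Ref Subnet
      Tags:
        - Key: Name
          Value: !Ref Name

  # Route table intended for private subnets that should egress via this NAT
  # gateway; its ID is exposed through the NatRouteTableId output.
  NatRouteTable:
    Type: AWS::EC2::RouteTable
    Condition: IsCreateNatGateway
    Properties:
      VpcId: !Ref VpcId
      Tags:
        - Key: Name
          Value: !Sub ${Name}-nat

  NatDefaultRoute:
    Type: AWS::EC2::Route
    Condition: IsCreateNatGateway
    Properties:
      RouteTableId: !Ref NatRouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      NatGatewayId: !Ref NatGateway

Outputs:
  SubnetId:
    Value: !Ref Subnet

  # Only present when the NAT gateway (and thus the route table) was created.
  NatRouteTableId:
    Value: !Ref NatRouteTable
    Condition: IsCreateNatGateway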