@jairojunior
Created May 7, 2020 18:45
---
# CloudFormation template: a VPC spanning two availability zones, with two
# public subnets (Internet Gateway route) and two private subnets, each
# private subnet routing 0.0.0.0/0 through its own NAT gateway in the
# matching public subnet. The AZ letters come from the AZRegions mapping,
# which currently only defines sa-east-1.
AWSTemplateFormatVersion: "2010-09-09"
Description: "Template for ECS VPC in two AZ's"
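Parameters:
  # Used as the VPC "Name" tag and as the prefix for every other Name tag
  # in this stack.
  VPCName:
    Description: The name of the VPC being created.
    Type: String
    Default: "vpc-ecs (VPC For ECS with Public and Private Subnets with a NATGW)"

  # The defaults below carve one /24 into two /27 public subnets
  # (.0 and .32) and two /26 private subnets (.128 and .192); .64-.127 is
  # left unallocated. Overrides must stay inside VPCCIDR and not overlap.
  VPCCIDR:
    Description: The CIDR of the VPC being created.
    Type: String
    Default: "172.20.0.0/24"

  Public0CIDR:
    Description: The CIDR of the first Public Subnet being created.
    Type: String
    Default: "172.20.0.0/27"

  Public1CIDR:
    Description: The CIDR of the second Public Subnet being created.
    Type: String
    Default: "172.20.0.32/27"

  Private0CIDR:
    Description: The CIDR of the first Private Subnet being created.
    Type: String
    Default: "172.20.0.128/26"

  Private1CIDR:
    Description: The CIDR of the second Private Subnet being created.
    Type: String
    Default: "172.20.0.192/26"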
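Mappings:
  # Region -> AZ suffixes consumed by !FindInMap in every subnet's
  # AvailabilityZone. Only sa-east-1 is defined, so a deployment in any
  # other region fails at FindInMap; add an entry per target region.
  AZRegions:
    sa-east-1:
      AZs: ["a", "c"]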
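Resources:
  # The VPC itself; DNS resolution and DNS hostnames are enabled.
  VPC:
    Type: "AWS::EC2::VPC"
    Properties:
      EnableDnsSupport: true
      EnableDnsHostnames: true
      CidrBlock: !Ref 'VPCCIDR'
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Public"
        - Key: "Name"
          Value: !Ref 'VPCName'

  # Public subnets: one per AZ from the mapping. MapPublicIpOnLaunch means
  # every instance started here gets a public IPv4 address, so anything
  # placed in these subnets is internet-reachable subject to its security
  # group and the NACL below.
  PublicSubnet0:
    Type: "AWS::EC2::Subnet"
    Properties:
      VpcId:
        Ref: "VPC"
      AvailabilityZone:
        Fn::Sub:
          - "${AWS::Region}${AZ}"
          - AZ: !Select [ 0, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]
      CidrBlock: !Ref 'Public0CIDR'
      MapPublicIpOnLaunch: true
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Public"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-public-'
              - !Select [ 0, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]

  PublicSubnet1:
    Type: "AWS::EC2::Subnet"
    Properties:
      VpcId:
        Ref: "VPC"
      AvailabilityZone:
        Fn::Sub:
          - "${AWS::Region}${AZ}"
          - AZ: !Select [ 1, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]
      CidrBlock: !Ref 'Public1CIDR'
      MapPublicIpOnLaunch: true
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Public"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-public-'
              - !Select [ 1, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]

  # Private subnets: no public IPs on launch; egress goes through the NAT
  # gateway in the same AZ (see PrivateRouteToInternet*). No NACL is
  # associated with them in this template, so they use the VPC's default
  # NACL.
  PrivateSubnet0:
    Type: "AWS::EC2::Subnet"
    Properties:
      VpcId:
        Ref: "VPC"
      AvailabilityZone:
        Fn::Sub:
          - "${AWS::Region}${AZ}"
          - AZ: !Select [ 0, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]
      CidrBlock: !Ref 'Private0CIDR'
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Private"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-private-'
              - !Select [ 0, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]

  PrivateSubnet1:
    Type: "AWS::EC2::Subnet"
    Properties:
      VpcId:
        Ref: "VPC"
      AvailabilityZone:
        Fn::Sub:
          - "${AWS::Region}${AZ}"
          - AZ: !Select [ 1, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]
      CidrBlock: !Ref 'Private1CIDR'
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Private"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-private-'
              - !Select [ 1, !FindInMap [ "AZRegions", !Ref "AWS::Region", "AZs" ] ]

  # Internet Gateway and its attachment to the VPC. Several resources below
  # (PublicRoute, the EIPs) must not be created before this attachment.
  InternetGateway:
    Type: "AWS::EC2::InternetGateway"
    Properties:
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Public"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-IGW'

  GatewayToInternet:
    Type: "AWS::EC2::VPCGatewayAttachment"
    Properties:
      VpcId:
        Ref: "VPC"
      InternetGatewayId:
        Ref: "InternetGateway"

  # Public routing: a single route table shared by both public subnets,
  # default route to the IGW.
  PublicRouteTable:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Public"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-public-route-table'

  PublicRoute:
    Type: "AWS::EC2::Route"
    # A route to an IGW is rejected until the IGW is attached to the VPC.
    DependsOn: "GatewayToInternet"
    Properties:
      RouteTableId:
        Ref: "PublicRouteTable"
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId:
        Ref: "InternetGateway"

  PublicSubnetRouteTableAssociation0:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId:
        Ref: "PublicSubnet0"
      RouteTableId:
        Ref: "PublicRouteTable"

  PublicSubnetRouteTableAssociation1:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId:
        Ref: "PublicSubnet1"
      RouteTableId:
        Ref: "PublicRouteTable"

  # Public NACL. The two entries below allow every protocol and port in
  # both directions from/to 0.0.0.0/0, so this NACL filters nothing on its
  # own; the security groups attached to instances/tasks are the effective
  # network control. Tighten these entries if the NACL is meant to act as
  # a second layer.
  PublicNetworkAcl:
    Type: "AWS::EC2::NetworkAcl"
    Properties:
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Application"
          Value:
            Ref: "AWS::StackName"
        - Key: "Network"
          Value: "Public"
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-public-nacl'

  # Despite the resource name, this inbound rule is not limited to HTTP:
  # Protocol -1 with ports 0-65535 allows all traffic.
  InboundHTTPPublicNetworkAclEntry:
    Type: "AWS::EC2::NetworkAclEntry"
    Properties:
      NetworkAclId:
        Ref: "PublicNetworkAcl"
      RuleNumber: "100"
      Protocol: "-1"
      RuleAction: "allow"
      Egress: false
      CidrBlock: "0.0.0.0/0"
      PortRange:
        From: "0"
        To: "65535"

  OutboundPublicNetworkAclEntry:
    Type: "AWS::EC2::NetworkAclEntry"
    Properties:
      NetworkAclId:
        Ref: "PublicNetworkAcl"
      RuleNumber: "100"
      Protocol: "-1"
      RuleAction: "allow"
      Egress: true
      CidrBlock: "0.0.0.0/0"
      PortRange:
        From: "0"
        To: "65535"

  PublicSubnetNetworkAclAssociation0:
    Type: "AWS::EC2::SubnetNetworkAclAssociation"
    Properties:
      SubnetId:
        Ref: "PublicSubnet0"
      NetworkAclId:
        Ref: "PublicNetworkAcl"

  PublicSubnetNetworkAclAssociation1:
    Type: "AWS::EC2::SubnetNetworkAclAssociation"
    Properties:
      SubnetId:
        Ref: "PublicSubnet1"
      NetworkAclId:
        Ref: "PublicNetworkAcl"

  # Elastic IPs for the NAT gateways. An EIP in a VPC defined by the same
  # template must declare DependsOn on the VPCGatewayAttachment; otherwise
  # the EIP can be allocated before the IGW is attached and stack creation
  # fails intermittently.
  ElasticIP0:
    Type: "AWS::EC2::EIP"
    DependsOn: "GatewayToInternet"
    Properties:
      Domain: "vpc"

  ElasticIP1:
    Type: "AWS::EC2::EIP"
    DependsOn: "GatewayToInternet"
    Properties:
      Domain: "vpc"

  # One NAT gateway per AZ, placed in the public subnet of that AZ, so the
  # loss of one AZ does not take down egress for the other.
  NATGateway0:
    Type: "AWS::EC2::NatGateway"
    Properties:
      AllocationId:
        Fn::GetAtt:
          - "ElasticIP0"
          - "AllocationId"
      SubnetId:
        Ref: "PublicSubnet0"

  NATGateway1:
    Type: "AWS::EC2::NatGateway"
    Properties:
      AllocationId:
        Fn::GetAtt:
          - "ElasticIP1"
          - "AllocationId"
      SubnetId:
        Ref: "PublicSubnet1"

  # Private routing: a separate route table per private subnet, each with
  # a default route to the NAT gateway in its own AZ.
  PrivateRouteTable0:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-private-route-table-0'

  PrivateRouteTable1:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Name"
          Value: !Join
            - ''
            - - !Ref "VPCName"
              - '-private-route-table-1'

  PrivateRouteToInternet0:
    Type: "AWS::EC2::Route"
    Properties:
      RouteTableId:
        Ref: "PrivateRouteTable0"
      DestinationCidrBlock: "0.0.0.0/0"
      NatGatewayId:
        Ref: "NATGateway0"

  PrivateRouteToInternet1:
    Type: "AWS::EC2::Route"
    Properties:
      RouteTableId:
        Ref: "PrivateRouteTable1"
      DestinationCidrBlock: "0.0.0.0/0"
      NatGatewayId:
        Ref: "NATGateway1"

  PrivateSubnetRouteTableAssociation0:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId:
        Ref: "PrivateSubnet0"
      RouteTableId:
        Ref: "PrivateRouteTable0"

  PrivateSubnetRouteTableAssociation1:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      SubnetId:
        Ref: "PrivateSubnet1"
      RouteTableId:
        Ref: "PrivateRouteTable1"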
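Outputs:
  # Every output is exported under a "<region>-<stack name>-<suffix>" name
  # so dependent stacks can pick them up with Fn::ImportValue. Export names
  # must be unique per region, hence the stack-name prefix.
  VPCId:
    Description: "VPCId of VPC"
    Value:
      Ref: "VPC"
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-VPC"

  PublicSubnet0:
    Description: "SubnetId of public subnet 0"
    Value:
      Ref: "PublicSubnet0"
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PublicSubnet0"

  PublicSubnet1:
    Description: "SubnetId of public subnet 1"
    Value:
      Ref: "PublicSubnet1"
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PublicSubnet1"

  PrivateSubnet0:
    Description: "SubnetId of private subnet 0"
    Value:
      Ref: "PrivateSubnet0"
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PrivateSubnet0"

  PrivateSubnet1:
    Description: "SubnetId of private subnet 1"
    Value:
      Ref: "PrivateSubnet1"
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PrivateSubnet1"

  # The VPC's default security group. Nothing in this template modifies
  # its rules; consumers importing it should attach their own, purpose-
  # specific security groups rather than relying on the default.
  DefaultSecurityGroup:
    Description: "DefaultSecurityGroup Id"
    Value: !GetAtt VPC.DefaultSecurityGroup
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-DefaultSecurityGroup"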