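---
# CloudFormation template for the FileShare workshop: one VPC with two public
# and two private subnets, an internet gateway, a single NAT gateway, and one
# internet-facing EC2 instance.
#
# The availability zones and the AMI ID below are hard-coded. AMI IDs are
# region-specific, so as written the stack is tied to ap-southeast-1.
AWSTemplateFormatVersion: "2010-09-09"
Description: "Builds the base VPC and provisions initial instance for the FileShare workshop"

Parameters:
  VPCNameParameter:
    Type: "String"
    Default: "fileshare"
  FileShareInstanceType:
    Type: "String"
    Default: "t2.small"
    AllowedValues:
      - "t2.small"
      - "t2.medium"
      - "t2.large"
      - "m4.large"
    Description: >-
      Instance type for the initial File Share instance. Allowed values are
      t2.small, t2.medium, t2.large, m4.large. Default is t2.small.
  FileShareInstanceKeyPair:
    Type: "AWS::EC2::KeyPair::KeyName"
    Description: "Key Pair for initial FileShare instance."
  # Source range allowed to reach SSH on the instance. The default keeps the
  # template's previous behaviour (SSH reachable from any address); set it to
  # your own address or network range when creating the stack.
  SSHLocation:
    Type: "String"
    Default: "0.0.0.0/0"
    MinLength: 9
    MaxLength: 18
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: "Must be a valid IPv4 CIDR range of the form x.x.x.x/x."
    Description: "IPv4 CIDR range allowed to connect to the FileShare instance over SSH (port 22)."

Resources:
  FileShareVPC:
    Type: "AWS::EC2::VPC"
    Properties:
      CidrBlock: "10.0.0.0/16"
      Tags:
        - Key: Name
          Value: !Ref VPCNameParameter

  # Public subnets: instances launched here receive a public IP address.
  PublicSubnetA:
    Type: "AWS::EC2::Subnet"
    Properties:
      CidrBlock: "10.0.0.0/24"
      MapPublicIpOnLaunch: true
      AvailabilityZone: "ap-southeast-1a"
      VpcId: !Ref FileShareVPC
  PublicSubnetB:
    Type: "AWS::EC2::Subnet"
    Properties:
      CidrBlock: "10.0.1.0/24"
      MapPublicIpOnLaunch: true
      AvailabilityZone: "ap-southeast-1b"
      VpcId: !Ref FileShareVPC

  # Private subnets: no public IPs; outbound traffic leaves through the NAT
  # gateway (see NatGwRoute).
  PrivateSubnetA:
    Type: "AWS::EC2::Subnet"
    Properties:
      CidrBlock: "10.0.2.0/24"
      MapPublicIpOnLaunch: false
      AvailabilityZone: "ap-southeast-1a"
      VpcId: !Ref FileShareVPC
  PrivateSubnetB:
    Type: "AWS::EC2::Subnet"
    Properties:
      CidrBlock: "10.0.3.0/24"
      MapPublicIpOnLaunch: false
      AvailabilityZone: "ap-southeast-1b"
      VpcId: !Ref FileShareVPC

  PublicRouteTable:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId: !Ref FileShareVPC
  PrivateRouteTable:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId: !Ref FileShareVPC

  IGW:
    Type: "AWS::EC2::InternetGateway"
  IGWAttachment:
    Type: "AWS::EC2::VPCGatewayAttachment"
    Properties:
      InternetGatewayId: !Ref IGW
      VpcId: !Ref FileShareVPC

  # Resources that need the internet gateway reference IGW, not the
  # attachment, so CloudFormation cannot infer that the attachment must exist
  # first. The explicit DependsOn entries below avoid create/delete ordering
  # failures.
  NatGwEip:
    Type: "AWS::EC2::EIP"
    DependsOn: IGWAttachment
    Properties:
      Domain: "vpc"
  # Single NAT gateway in PublicSubnetA, shared by both private subnets.
  NatGw:
    Type: "AWS::EC2::NatGateway"
    Properties:
      AllocationId: !GetAtt NatGwEip.AllocationId
      SubnetId: !Ref PublicSubnetA

  IGWRoute:
    Type: "AWS::EC2::Route"
    DependsOn: IGWAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId: !Ref IGW
  NatGwRoute:
    Type: "AWS::EC2::Route"
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: "0.0.0.0/0"
      NatGatewayId: !Ref NatGw

  PrivateSubnetARouteTableAssoc:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnetA
  PrivateSubnetBRouteTableAssoc:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnetB
  PublicSubnetARouteTableAssoc:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnetA
  PublicSubnetBRouteTableAssoc:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnetB

  SingleFileShareSecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "Security group for the initial FileShare instance"
      VpcId: !Ref FileShareVPC
      SecurityGroupIngress:
        # HTTP from any address. Traffic on port 80 is unencrypted; anything
        # sensitive served by the instance should move behind TLS.
        - IpProtocol: "tcp"
          FromPort: 80
          ToPort: 80
          CidrIp: "0.0.0.0/0"
        # SSH, limited to the SSHLocation parameter. With the default value
        # the port is reachable from the whole internet, which exposes the
        # instance to continuous credential-guessing traffic.
        - IpProtocol: "tcp"
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SSHLocation

  SingleFileShareInstance:
    Type: "AWS::EC2::Instance"
    # The instance gets a public IP from PublicSubnetA, so it also needs the
    # gateway attachment to exist before it is created.
    DependsOn: IGWAttachment
    Properties:
      # NOTE(review): hard-coded AMI ID. Confirm the image still exists in
      # ap-southeast-1 and is still receiving security updates before reuse.
      ImageId: "ami-ca5a13a9"
      InstanceType: !Ref FileShareInstanceType
      KeyName: !Ref FileShareInstanceKeyPair
      SecurityGroupIds:
        - !Ref SingleFileShareSecurityGroup
      SubnetId: !Ref PublicSubnetA
      Tags:
        - Key: Name
          Value: "FileShare"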