
CloudFormationはAWSの各サービスをコードで自動的に構築する仕組みで、作業を効率化・標準化する。

下のコードはVPCからEC2までを自動で構築します。VPCの中に二つの構成（1a / 1c）を設置し、下記の設計図のとおりに作成しました。

                        
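    AWSTemplateFormatVersion: 2010-09-09
    Description: 'kadai-10'

    # One VPC spanning two AZs (ap-northeast-1a / ap-northeast-1c). Each AZ has a
    # public subnet holding a jump host and a NAT gateway, and two private
    # subnets holding the web instances, which reach the internet only through
    # the NAT gateway of their own AZ.

    Parameters:
      author:
        Type: String
        Default: "huang"
      # Values that were hard-coded in every resource, lifted into parameters.
      # The defaults reproduce the original template exactly.
      AmiId:
        Type: AWS::EC2::Image::Id
        Default: ami-0556b98d8e7a269f1
      KeyName:
        Type: AWS::EC2::KeyPair::KeyName
        Default: cpi-box-01
      SshAllowedCidr:
        # Source range allowed to SSH into the public jump hosts. The default
        # keeps the original world-open rule; narrow it to the operator's
        # address range when deploying.
        Type: String
        Default: 0.0.0.0/0
        AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'

    Mappings:
      # Account id -> environment name; the environment name then selects the
      # CIDR map below (nested !FindInMap in each CidrBlock).
      Env:
        Id:
          '130254905803': prod

      prod:
        cidr:
          VPC: 10.0.0.0/16
          pub1a: 10.0.1.0/24
          pri1a: 10.0.2.0/24
          pri2a: 10.0.3.0/24
          pub1c: 10.0.4.0/24
          pri1c: 10.0.5.0/24
          pri2c: 10.0.6.0/24

    Resources:

      # VPC
      cpiVPC:
        Type: AWS::EC2::VPC
        Properties:
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, VPC ]
          # NOTE(review): with EnableDnsSupport false, instances in this VPC
          # cannot resolve names via the Amazon-provided resolver, so package
          # updates through the NAT gateways will fail unless another resolver
          # is configured. Confirm this is intended; otherwise set both to true.
          EnableDnsHostnames: false
          EnableDnsSupport: false
          InstanceTenancy: default
          Tags:
            - Key: Name
              Value: !Sub cpi-vpc-${author}

      # Subnets, AZ 1a
      cpiSubPub1a:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: ap-northeast-1a
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, pub1a ]
          Tags:
            - Key: Name
              Value: !Sub cpi-pub-1a-${author}
          VpcId: !Ref cpiVPC

      cpiSubPri1a:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: ap-northeast-1a
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, pri1a ]
          Tags:
            - Key: Name
              Value: !Sub cpi-pri-01-1a-${author}
          VpcId: !Ref cpiVPC

      cpiSubPri2a:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: ap-northeast-1a
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, pri2a ]
          Tags:
            - Key: Name
              Value: !Sub cpi-pri-02-1a-${author}
          VpcId: !Ref cpiVPC

      # Subnets, AZ 1c
      cpiSubPub1c:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: ap-northeast-1c
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, pub1c ]
          Tags:
            - Key: Name
              Value: !Sub cpi-pub-1c-${author}
          VpcId: !Ref cpiVPC

      cpiSubPri1c:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: ap-northeast-1c
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, pri1c ]
          Tags:
            - Key: Name
              Value: !Sub cpi-pri-01-1c-${author}
          VpcId: !Ref cpiVPC

      cpiSubPri2c:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: ap-northeast-1c
          CidrBlock: !FindInMap [ !FindInMap [ Env, Id, !Ref AWS::AccountId ], cidr, pri2c ]
          Tags:
            - Key: Name
              Value: !Sub cpi-pri-02-1c-${author}
          VpcId: !Ref cpiVPC

      # Internet gateway
      cpiIgw:
        Type: AWS::EC2::InternetGateway
        Properties:
          Tags:
            - Key: Name
              Value: !Sub cpi-igw-${author}

      cpiIgwAttach:
        Type: AWS::EC2::VPCGatewayAttachment
        Properties:
          InternetGatewayId: !Ref cpiIgw
          VpcId: !Ref cpiVPC

      # NAT gateways. A NAT gateway must live in a PUBLIC subnet: it reaches the
      # internet through that subnet's route to the IGW. The original placed
      # them in the private subnets, whose default route points back at the NAT
      # gateway itself, so private instances had no working egress path.
      # The gateway attachment must exist before the NAT gateway is created.
      cpiNgwEip01:
        Type: AWS::EC2::EIP
        Properties:
          # Domain is the literal string "vpc", not a VPC id.
          Domain: vpc

      cpiNgw01:
        Type: AWS::EC2::NatGateway
        DependsOn: cpiIgwAttach
        Properties:
          AllocationId: !GetAtt cpiNgwEip01.AllocationId
          SubnetId: !Ref cpiSubPub1a
          Tags:
            - Key: Name
              Value: cpi-ngw-1a

      cpiNgwEip02:
        Type: AWS::EC2::EIP
        Properties:
          Domain: vpc

      cpiNgw02:
        Type: AWS::EC2::NatGateway
        DependsOn: cpiIgwAttach
        Properties:
          AllocationId: !GetAtt cpiNgwEip02.AllocationId
          SubnetId: !Ref cpiSubPub1c
          Tags:
            - Key: Name
              Value: cpi-ngw-1c

      # Route tables, public 1a
      cpiRtbPub1a:
        Type: AWS::EC2::RouteTable
        Properties:
          Tags:
            - Key: Name
              Value: cpi-rtb-pub-1a
          VpcId: !Ref cpiVPC

      cpiAssocRtbPub1a:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          SubnetId: !Ref cpiSubPub1a
          RouteTableId: !Ref cpiRtbPub1a

      cpiRoutePub1a:
        Type: AWS::EC2::Route
        # A route that targets an IGW created in the same template must depend
        # on the VPCGatewayAttachment, otherwise creation can race and fail.
        DependsOn: cpiIgwAttach
        Properties:
          GatewayId: !Ref cpiIgw
          RouteTableId: !Ref cpiRtbPub1a
          DestinationCidrBlock: 0.0.0.0/0

      # Route tables, private 1a (both private subnets of the AZ share it)
      cpiRtbPri1a:
        Type: AWS::EC2::RouteTable
        Properties:
          Tags:
            - Key: Name
              Value: cpi-rtb-pri-1a
          VpcId: !Ref cpiVPC

      cpiAssocRtbPri1a:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          SubnetId: !Ref cpiSubPri1a
          RouteTableId: !Ref cpiRtbPri1a

      cpiAssocRtbPri2a:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          SubnetId: !Ref cpiSubPri2a
          RouteTableId: !Ref cpiRtbPri1a

      cpiRoutePri1a:
        Type: AWS::EC2::Route
        Properties:
          NatGatewayId: !Ref cpiNgw01
          RouteTableId: !Ref cpiRtbPri1a
          DestinationCidrBlock: 0.0.0.0/0

      # Route tables, public 1c
      cpiRtbPub1c:
        Type: AWS::EC2::RouteTable
        Properties:
          Tags:
            - Key: Name
              Value: cpi-rtb-pub-1c
          VpcId: !Ref cpiVPC

      cpiAssocRtbPub1c:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          SubnetId: !Ref cpiSubPub1c
          RouteTableId: !Ref cpiRtbPub1c

      cpiRoutePub1c:
        Type: AWS::EC2::Route
        DependsOn: cpiIgwAttach
        Properties:
          GatewayId: !Ref cpiIgw
          RouteTableId: !Ref cpiRtbPub1c
          DestinationCidrBlock: 0.0.0.0/0

      # Route tables, private 1c
      cpiRtbPri1c:
        Type: AWS::EC2::RouteTable
        Properties:
          Tags:
            - Key: Name
              Value: cpi-rtb-pri-1c
          VpcId: !Ref cpiVPC

      cpiAssocRtbPri1c:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          SubnetId: !Ref cpiSubPri1c
          RouteTableId: !Ref cpiRtbPri1c

      cpiAssocRtbPri2c:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          SubnetId: !Ref cpiSubPri2c
          RouteTableId: !Ref cpiRtbPri1c

      cpiRoutePri1c:
        Type: AWS::EC2::Route
        Properties:
          NatGatewayId: !Ref cpiNgw02
          RouteTableId: !Ref cpiRtbPri1c
          DestinationCidrBlock: 0.0.0.0/0

      # Security groups
      # Public jump hosts: SSH from the operator range (parameter), plus the
      # original HTTP/HTTPS rules below.
      cpiSgPub:
        Type: AWS::EC2::SecurityGroup
        Properties:
          GroupDescription: pub-jump
          VpcId: !Ref cpiVPC
          SecurityGroupIngress:
            - IpProtocol: tcp
              FromPort: 22
              ToPort: 22
              CidrIp: !Ref SshAllowedCidr
          Tags:
            - Key: Name
              Value: cpi-sg-pub-jump

      # NOTE(review): 80/443 open to the world on a jump host is unusual; keep
      # only if these instances really serve web traffic.
      PubIngress02:
        Type: AWS::EC2::SecurityGroupIngress
        Properties:
          GroupId: !Ref cpiSgPub
          IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0

      PubIngress03:
        Type: AWS::EC2::SecurityGroupIngress
        Properties:
          GroupId: !Ref cpiSgPub
          IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0

      # Private web hosts: SSH only from the jump-host security group. The
      # instances have no public IP and no IGW route, so the original
      # 0.0.0.0/0 rule could only ever be reached via the jump hosts anyway;
      # stating that explicitly keeps least privilege if a public IP is ever
      # attached later.
      cpiSgPri:
        Type: AWS::EC2::SecurityGroup
        Properties:
          GroupDescription: pri-web
          VpcId: !Ref cpiVPC
          SecurityGroupIngress:
            - IpProtocol: tcp
              FromPort: 22
              ToPort: 22
              SourceSecurityGroupId: !Ref cpiSgPub
          Tags:
            - Key: Name
              Value: cpi-sg-pri-web

      # EC2
      # jump01
      cpiEc2Pub01:
        Type: AWS::EC2::Instance
        DependsOn: cpiIgwAttach
        Properties:
          ImageId: !Ref AmiId
          InstanceType: t2.micro
          KeyName: !Ref KeyName
          NetworkInterfaces:
            - DeviceIndex: '0'
              SubnetId: !Ref cpiSubPub1a
              GroupSet:
                - !Ref cpiSgPub
              AssociatePublicIpAddress: true
              DeleteOnTermination: true
          Tags:
            - Key: Name
              Value: cpi-ec2-pub-jump-01

      # jump02
      cpiEc2Pub02:
        Type: AWS::EC2::Instance
        DependsOn: cpiIgwAttach
        Properties:
          ImageId: !Ref AmiId
          InstanceType: t2.micro
          KeyName: !Ref KeyName
          NetworkInterfaces:
            - DeviceIndex: '0'
              SubnetId: !Ref cpiSubPub1c
              GroupSet:
                - !Ref cpiSgPub
              AssociatePublicIpAddress: true
              DeleteOnTermination: true
          Tags:
            - Key: Name
              Value: cpi-ec2-pub-jump-02

      # web-pc-01
      cpiEc2Pri1a01:
        Type: AWS::EC2::Instance
        DependsOn: cpiIgwAttach
        Properties:
          ImageId: !Ref AmiId
          InstanceType: t2.micro
          KeyName: !Ref KeyName
          NetworkInterfaces:
            - DeviceIndex: '0'
              SubnetId: !Ref cpiSubPri1a
              GroupSet:
                - !Ref cpiSgPri
              AssociatePublicIpAddress: false
              DeleteOnTermination: true
          Tags:
            - Key: Name
              Value: cpi-ec2-pri-web-pc-01

      # web-mobile-01
      cpiEc2Pri1a02:
        Type: AWS::EC2::Instance
        DependsOn: cpiIgwAttach
        Properties:
          ImageId: !Ref AmiId
          InstanceType: t2.micro
          KeyName: !Ref KeyName
          NetworkInterfaces:
            - DeviceIndex: '0'
              SubnetId: !Ref cpiSubPri2a
              GroupSet:
                - !Ref cpiSgPri
              AssociatePublicIpAddress: false
              DeleteOnTermination: true
          Tags:
            - Key: Name
              Value: cpi-ec2-pri-web-mobile-01

      # web-pc-02
      cpiEc2Pri1c01:
        Type: AWS::EC2::Instance
        DependsOn: cpiIgwAttach
        Properties:
          ImageId: !Ref AmiId
          InstanceType: t2.micro
          KeyName: !Ref KeyName
          NetworkInterfaces:
            - DeviceIndex: '0'
              SubnetId: !Ref cpiSubPri1c
              GroupSet:
                - !Ref cpiSgPri
              AssociatePublicIpAddress: false
              DeleteOnTermination: true
          Tags:
            - Key: Name
              Value: cpi-ec2-pri-web-pc-02

      # web-mobile-02
      cpiEc2Pri1c02:
        Type: AWS::EC2::Instance
        DependsOn: cpiIgwAttach
        Properties:
          ImageId: !Ref AmiId
          InstanceType: t2.micro
          KeyName: !Ref KeyName
          NetworkInterfaces:
            - DeviceIndex: '0'
              SubnetId: !Ref cpiSubPri2c
              GroupSet:
                - !Ref cpiSgPri
              AssociatePublicIpAddress: false
              DeleteOnTermination: true
          Tags:
            - Key: Name
              Value: cpi-ec2-pri-web-mobile-02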