CloudFormationはAWSの各ツールをコードで自動構築することで、作業を効率化・標準化します。
下のコードはVPCからEC2まで自動構築します。中にVPCを二つ設置し、下記の設計図に基づいて作成しました。
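# CloudFormation template: one VPC across two AZs (ap-northeast-1a / 1c), each
# with one public and two private subnets, an Internet Gateway, one NAT Gateway
# per AZ, per-subnet route tables, a jump-host security group, a web-tier
# security group, two public jump hosts and four private web instances.
# Quoted so YAML 1.1 parsers do not read the version as a date.
AWSTemplateFormatVersion: '2010-09-09'
Description: kadai-10

Parameters:
  author:
    Type: String
    Default: huang
    Description: Suffix appended to the Name tag of the VPC and subnets.
  ImageId:
    Type: AWS::EC2::Image::Id
    Default: ami-0556b98d8e7a269f1
    Description: AMI used by every instance in this template.
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Default: cpi-box-01
    Description: EC2 key pair attached to every instance.
  SshAllowedCidr:
    Type: String
    Default: 0.0.0.0/0
    Description: >-
      CIDR allowed to reach the jump hosts on TCP/22. The default keeps the
      original world-open rule; narrow it to the operator network when deploying.

Mappings:
  # Account id -> environment name; the result is used as the key into the
  # per-environment CIDR map below (see the nested !FindInMap on CidrBlock).
  Env:
    Id:
      '130254905803': prod
  prod:
    cidr:
      VPC: 10.0.0.0/16
      pub1a: 10.0.1.0/24
      pri1a: 10.0.2.0/24
      pri2a: 10.0.3.0/24
      pub1c: 10.0.4.0/24
      pri1c: 10.0.5.0/24
      pri2c: 10.0.6.0/24

Resources:
  # ---------------------------------------------------------------- VPC
  cpiVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, VPC]
      # NOTE(review): both DNS settings are disabled, so instances behind the
      # NAT gateways cannot resolve names through the VPC resolver. Confirm
      # this is intended before relying on package installs or updates.
      EnableDnsHostnames: false
      EnableDnsSupport: false
      InstanceTenancy: default
      Tags:
        - Key: Name
          Value: !Sub cpi-vpc-${author}

  # ------------------------------------------------------------ Subnets 1a
  cpiSubPub1a:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: ap-northeast-1a
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, pub1a]
      Tags:
        - Key: Name
          Value: !Sub cpi-pub-1a-${author}
      VpcId: !Ref cpiVPC
  cpiSubPri1a:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: ap-northeast-1a
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, pri1a]
      Tags:
        - Key: Name
          Value: !Sub cpi-pri-01-1a-${author}
      VpcId: !Ref cpiVPC
  cpiSubPri2a:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: ap-northeast-1a
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, pri2a]
      Tags:
        - Key: Name
          Value: !Sub cpi-pri-02-1a-${author}
      VpcId: !Ref cpiVPC

  # ------------------------------------------------------------ Subnets 1c
  cpiSubPub1c:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: ap-northeast-1c
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, pub1c]
      Tags:
        - Key: Name
          Value: !Sub cpi-pub-1c-${author}
      VpcId: !Ref cpiVPC
  cpiSubPri1c:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: ap-northeast-1c
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, pri1c]
      Tags:
        - Key: Name
          Value: !Sub cpi-pri-01-1c-${author}
      VpcId: !Ref cpiVPC
  cpiSubPri2c:
    Type: AWS::EC2::Subnet
    Properties:
      AvailabilityZone: ap-northeast-1c
      CidrBlock: !FindInMap [!FindInMap [Env, Id, !Ref AWS::AccountId], cidr, pri2c]
      Tags:
        - Key: Name
          Value: !Sub cpi-pri-02-1c-${author}
      VpcId: !Ref cpiVPC

  # ------------------------------------------------------- Internet Gateway
  cpiIgw:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub cpi-igw-${author}
  cpiIgwAttach:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref cpiIgw
      VpcId: !Ref cpiVPC

  # ----------------------------------------------------------- NAT Gateways
  # A NAT gateway only forwards traffic if it sits in a subnet whose route
  # table points 0.0.0.0/0 at the Internet Gateway, so each one lives in the
  # public subnet of its AZ (the original placed them in the private subnets,
  # whose default route points back at the NAT gateway itself).
  cpiNgwEip01:
    Type: AWS::EC2::EIP
    # A VPC-scoped EIP can only be allocated once the IGW is attached.
    DependsOn: cpiIgwAttach
    Properties:
      Domain: vpc
  cpiNgw01:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt cpiNgwEip01.AllocationId
      SubnetId: !Ref cpiSubPub1a
      Tags:
        - Key: Name
          Value: cpi-ngw-1a
  cpiNgwEip02:
    Type: AWS::EC2::EIP
    DependsOn: cpiIgwAttach
    Properties:
      Domain: vpc
  cpiNgw02:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt cpiNgwEip02.AllocationId
      SubnetId: !Ref cpiSubPub1c
      Tags:
        - Key: Name
          Value: cpi-ngw-1c

  # ------------------------------------------------------- Route tables 1a
  cpiRtbPub1a:
    Type: AWS::EC2::RouteTable
    Properties:
      Tags:
        - Key: Name
          Value: cpi-rtb-pub-1a
      VpcId: !Ref cpiVPC
  cpiAssocRtbPub1a:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref cpiSubPub1a
      RouteTableId: !Ref cpiRtbPub1a
  cpiRoutePub1a:
    Type: AWS::EC2::Route
    # A route to an IGW is rejected until the IGW is attached to the VPC.
    DependsOn: cpiIgwAttach
    Properties:
      GatewayId: !Ref cpiIgw
      RouteTableId: !Ref cpiRtbPub1a
      DestinationCidrBlock: 0.0.0.0/0
  cpiRtbPri1a:
    Type: AWS::EC2::RouteTable
    Properties:
      Tags:
        - Key: Name
          Value: cpi-rtb-pri-1a
      VpcId: !Ref cpiVPC
  cpiAssocRtbPri1a:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref cpiSubPri1a
      RouteTableId: !Ref cpiRtbPri1a
  cpiAssocRtbPri2a:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref cpiSubPri2a
      RouteTableId: !Ref cpiRtbPri1a
  cpiRoutePri1a:
    Type: AWS::EC2::Route
    Properties:
      NatGatewayId: !Ref cpiNgw01
      RouteTableId: !Ref cpiRtbPri1a
      DestinationCidrBlock: 0.0.0.0/0

  # ------------------------------------------------------- Route tables 1c
  cpiRtbPub1c:
    Type: AWS::EC2::RouteTable
    Properties:
      Tags:
        - Key: Name
          Value: cpi-rtb-pub-1c
      VpcId: !Ref cpiVPC
  cpiAssocRtbPub1c:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref cpiSubPub1c
      RouteTableId: !Ref cpiRtbPub1c
  cpiRoutePub1c:
    Type: AWS::EC2::Route
    DependsOn: cpiIgwAttach
    Properties:
      GatewayId: !Ref cpiIgw
      RouteTableId: !Ref cpiRtbPub1c
      DestinationCidrBlock: 0.0.0.0/0
  cpiRtbPri1c:
    Type: AWS::EC2::RouteTable
    Properties:
      Tags:
        - Key: Name
          Value: cpi-rtb-pri-1c
      VpcId: !Ref cpiVPC
  cpiAssocRtbPri1c:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref cpiSubPri1c
      RouteTableId: !Ref cpiRtbPri1c
  cpiAssocRtbPri2c:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref cpiSubPri2c
      RouteTableId: !Ref cpiRtbPri1c
  cpiRoutePri1c:
    Type: AWS::EC2::Route
    Properties:
      NatGatewayId: !Ref cpiNgw02
      RouteTableId: !Ref cpiRtbPri1c
      DestinationCidrBlock: 0.0.0.0/0

  # -------------------------------------------------------- Security groups
  # Jump-host group: SSH from SshAllowedCidr; HTTP/HTTPS rules below are kept
  # from the original.
  cpiSgPub:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: pub-jump
      VpcId: !Ref cpiVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshAllowedCidr
      Tags:
        - Key: Name
          Value: cpi-sg-pub-jump
  # NOTE(review): 80/443 open to the world on the jump hosts; confirm the jump
  # hosts actually serve web traffic, otherwise drop these two rules.
  PubIngress02:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref cpiSgPub
      IpProtocol: tcp
      FromPort: 80
      ToPort: 80
      CidrIp: 0.0.0.0/0
  PubIngress03:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !Ref cpiSgPub
      IpProtocol: tcp
      FromPort: 443
      ToPort: 443
      CidrIp: 0.0.0.0/0
  # Web-tier group: the private instances have no public address, so the
  # only intended SSH path is via the jump hosts; the rule references the
  # jump group instead of 0.0.0.0/0.
  # NOTE(review): described as pri-web but no HTTP/HTTPS ingress is defined;
  # add it (scoped to the source that fronts the web tier) if required.
  cpiSgPri:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: pri-web
      VpcId: !Ref cpiVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          SourceSecurityGroupId: !Ref cpiSgPub
      Tags:
        - Key: Name
          Value: cpi-sg-pri-web

  # ------------------------------------------------------------ Jump hosts
  cpiEc2Pub01:
    Type: AWS::EC2::Instance
    # Public addresses are unusable until the IGW is attached.
    DependsOn: cpiIgwAttach
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - GroupSet:
            - !Ref cpiSgPub
          AssociatePublicIpAddress: true
          DeviceIndex: '0'
          DeleteOnTermination: true
          SubnetId: !Ref cpiSubPub1a
      Tags:
        - Key: Name
          Value: cpi-ec2-pub-jump-01
  cpiEc2Pub02:
    Type: AWS::EC2::Instance
    DependsOn: cpiIgwAttach
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - GroupSet:
            - !Ref cpiSgPub
          AssociatePublicIpAddress: true
          DeviceIndex: '0'
          DeleteOnTermination: true
          SubnetId: !Ref cpiSubPub1c
      Tags:
        - Key: Name
          Value: cpi-ec2-pub-jump-02

  # ------------------------------------------------------- Web tier (1a)
  cpiEc2Pri1a01:
    Type: AWS::EC2::Instance
    DependsOn: cpiIgwAttach
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - GroupSet:
            - !Ref cpiSgPri
          AssociatePublicIpAddress: false
          DeviceIndex: '0'
          DeleteOnTermination: true
          SubnetId: !Ref cpiSubPri1a
      Tags:
        - Key: Name
          Value: cpi-ec2-pri-web-pc-01
  cpiEc2Pri1a02:
    Type: AWS::EC2::Instance
    DependsOn: cpiIgwAttach
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - GroupSet:
            - !Ref cpiSgPri
          AssociatePublicIpAddress: false
          DeviceIndex: '0'
          DeleteOnTermination: true
          SubnetId: !Ref cpiSubPri2a
      Tags:
        - Key: Name
          Value: cpi-ec2-pri-web-mobile-01

  # ------------------------------------------------------- Web tier (1c)
  cpiEc2Pri1c01:
    Type: AWS::EC2::Instance
    DependsOn: cpiIgwAttach
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - GroupSet:
            - !Ref cpiSgPri
          AssociatePublicIpAddress: false
          DeviceIndex: '0'
          DeleteOnTermination: true
          SubnetId: !Ref cpiSubPri1c
      Tags:
        - Key: Name
          Value: cpi-ec2-pri-web-pc-02
  cpiEc2Pri1c02:
    Type: AWS::EC2::Instance
    DependsOn: cpiIgwAttach
    Properties:
      ImageId: !Ref ImageId
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - GroupSet:
            - !Ref cpiSgPri
          AssociatePublicIpAddress: false
          DeviceIndex: '0'
          DeleteOnTermination: true
          SubnetId: !Ref cpiSubPri2c
      Tags:
        - Key: Name
          Value: cpi-ec2-pri-web-mobile-02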