

CloudFormationを使用して、カスタマイズしたVPCを作成してみる。


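このような構成が出来上がります。なお、テンプレート中の PublicNetworkAcl にはエントリもサブネットへの関連付けも定義していないため、各サブネットには VPC のデフォルトのネットワーク ACL がそのまま適用されます。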

vpc.png

以下の内容を、スタック作成時のパラメータとして任意に入力できるようにしました。

kobito.1447866350.676477.png

template

create_vpc.json
{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "Create a customized Virtual Private Cloud with AWS CloudFormation",
  "Parameters" : {
    "VpcName": {
      "Description" : "Please input VPC name.",
      "Type": "String",
      "Default" : "demo-vpc",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcCidrBlock" : {
      "Type" : "String",
      "Description" : "Please input an IP range in VPC.",
      "Default" : "10.0.0.0/16",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/16",
      "ConstraintDescription": ""
    },
    "VpcSubnetNameDMZa": {
      "Description" : "Please input the subnet name of DMZ-a.",
      "Type": "String",
      "Default" : "vpc-dmz-a",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcSubnetCidrBlockDMZa" : {
      "Type" : "String",
      "Description" : "Please input an IP range in DMZ-a.",
      "Default" : "10.0.10.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/24",
      "ConstraintDescription": ""
    },
    "VpcSubnetNameDMZc": {
      "Description" : "Please input the subnet name of DMZ-c.",
      "Type": "String",
      "Default" : "vpc-dmz-c",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcSubnetCidrBlockDMZc" : {
      "Type" : "String",
      "Description" : "Please input an IP range in DMZ-c.",
      "Default" : "10.0.20.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/24",
      "ConstraintDescription": ""
    },
    "VpcSubnetNameFRONTa": {
      "Description" : "Please input the subnet name of FRONT-a.",
      "Type": "String",
      "Default" : "vpc-frontend-a",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcSubnetCidrBlockFRONTa" : {
      "Type" : "String",
      "Description" : "Please input an IP range in FRONT-a.",
      "Default" : "10.0.30.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/24",
      "ConstraintDescription": ""
    },
    "VpcSubnetNameFRONTc": {
      "Description" : "Please input the subnet name of FRONT-c.",
      "Type": "String",
      "Default" : "vpc-frontend-c",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcSubnetCidrBlockFRONTc" : {
      "Type" : "String",
      "Description" : "Please input an IP range in FRONT-c.",
      "Default" : "10.0.40.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/24",
      "ConstraintDescription": ""
    },
    "VpcSubnetNameBACKa": {
      "Description" : "Please input the subnet name of BACK-a.",
      "Type": "String",
      "Default" : "vpc-backend-a",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcSubnetCidrBlockBACKa" : {
      "Type" : "String",
      "Description" : "Please input an IP range in BACK-a.",
      "Default" : "10.0.50.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/24",
      "ConstraintDescription": ""
    },
    "VpcSubnetNameBACKc": {
      "Description" : "Please input the subnet name of BACK-c.",
      "Type": "String",
      "Default" : "vpc-backend-c",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    },
    "VpcSubnetCidrBlockBACKc" : {
      "Type" : "String",
      "Description" : "Please input an IP range in BACK-c.",
      "Default" : "10.0.60.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/24",
      "ConstraintDescription": ""
    },
    "InternetGatewayName": {
      "Description" : "Please input the name of Internet Gateway.",
      "Type": "String",
      "Default" : "demo-igw",
      "AllowedPattern" : "[-a-zA-Z0-9]*",
      "ConstraintDescription" : ""
    }
  },

  "Mappings" : {},

  "Resources" : {
    "VPC" : {
      "Type" : "AWS::EC2::VPC",
      "Properties" : {
        "CidrBlock" : { "Ref" : "VpcCidrBlock" },
        "EnableDnsSupport" : "true",
        "EnableDnsHostnames" : "true",
        "Tags" : [
          { "Key" : "Name", "Value" : { "Ref" : "VpcName" } }
        ]
      }
    },
    "Subnetdmza" : {
       "Type" : "AWS::EC2::Subnet",
       "Properties" : {
          "VpcId" : { "Ref" : "VPC" },
          "AvailabilityZone" : "ap-northeast-1a",
          "CidrBlock" : { "Ref" : "VpcSubnetCidrBlockDMZa" },
          "MapPublicIpOnLaunch" : true,
          "Tags" : [
            { "Key" : "Name", "Value" : { "Ref" : "VpcSubnetNameDMZa" } }
          ]
       }
    },
    "Subnetdmzc" : {
       "Type" : "AWS::EC2::Subnet",
       "Properties" : {
          "VpcId" : { "Ref" : "VPC" },
          "AvailabilityZone" : "ap-northeast-1c",
          "CidrBlock" : { "Ref" : "VpcSubnetCidrBlockDMZc" },
          "MapPublicIpOnLaunch" : true,
          "Tags" : [
            { "Key" : "Name", "Value" : { "Ref" : "VpcSubnetNameDMZc" } }
          ]
       }
    },
    "Subnetfrontenda" : {
       "Type" : "AWS::EC2::Subnet",
       "Properties" : {
          "VpcId" : { "Ref" : "VPC" },
          "AvailabilityZone" : "ap-northeast-1a",
          "CidrBlock" : { "Ref" : "VpcSubnetCidrBlockFRONTa" },
          "MapPublicIpOnLaunch" : false,
          "Tags" : [
            { "Key" : "Name", "Value" : { "Ref" : "VpcSubnetNameFRONTa" } }
          ]
       }
    },
    "Subnetfrontendc" : {
       "Type" : "AWS::EC2::Subnet",
       "Properties" : {
          "VpcId" : { "Ref" : "VPC" },
          "AvailabilityZone" : "ap-northeast-1c",
          "CidrBlock" : { "Ref" : "VpcSubnetCidrBlockFRONTc" },
          "MapPublicIpOnLaunch" : false,
          "Tags" : [
            { "Key" : "Name", "Value" : { "Ref" : "VpcSubnetNameFRONTc" } }
          ]
       }
    },
    "Subnetbackenda" : {
       "Type" : "AWS::EC2::Subnet",
       "Properties" : {
          "VpcId" : { "Ref" : "VPC" },
          "AvailabilityZone" : "ap-northeast-1a",
          "CidrBlock" : { "Ref" : "VpcSubnetCidrBlockBACKa" },
          "MapPublicIpOnLaunch" : false,
          "Tags" : [
            { "Key" : "Name", "Value" : { "Ref" : "VpcSubnetNameBACKa" } }
          ]
       }
    },
    "Subnetbackendc" : {
       "Type" : "AWS::EC2::Subnet",
       "Properties" : {
          "VpcId" : { "Ref" : "VPC" },
          "AvailabilityZone" : "ap-northeast-1c",
          "CidrBlock" : { "Ref" : "VpcSubnetCidrBlockBACKc" },
          "MapPublicIpOnLaunch" : false,
          "Tags" : [
            { "Key" : "Name", "Value" : { "Ref" : "VpcSubnetNameBACKc" } }
          ]
       }
    },
    "InternetGateway" : {
      "Type" : "AWS::EC2::InternetGateway",
      "Properties" : {
        "Tags" : [
          { "Key" : "Name", "Value" : { "Ref" : "InternetGatewayName" } }
        ]
      }
    },
    "GatewayToInternet" : {
       "Type" : "AWS::EC2::VPCGatewayAttachment",
       "Properties" : {
         "VpcId" : { "Ref" : "VPC" },
         "InternetGatewayId" : { "Ref" : "InternetGateway" }
       }
    },
    "PublicRouteTable" : {
      "Type" : "AWS::EC2::RouteTable",
      "Properties" : {
        "VpcId" : { "Ref" : "VPC" },
        "Tags" : [
          { "Key" : "Application", "Value" : { "Ref" : "AWS::StackId" } },
          { "Key" : "Network", "Value" : "Public" }
        ]
      }
    },
    "PublicRoute" : {
      "Type" : "AWS::EC2::Route",
      "DependsOn" : "GatewayToInternet",
      "Properties" : {
        "RouteTableId" : { "Ref" : "PublicRouteTable" },
        "DestinationCidrBlock" : "0.0.0.0/0",
        "GatewayId" : { "Ref" : "InternetGateway" }
      }
    },
    "PublicSubnetRouteTableAssociation1" : {
      "Type" : "AWS::EC2::SubnetRouteTableAssociation",
      "Properties" : {
        "SubnetId" : { "Ref" : "Subnetdmza" },
        "RouteTableId" : { "Ref" : "PublicRouteTable" }
      }
    },
    "PublicSubnetRouteTableAssociation2" : {
      "Type" : "AWS::EC2::SubnetRouteTableAssociation",
      "Properties" : {
        "SubnetId" : { "Ref" : "Subnetdmzc" },
        "RouteTableId" : { "Ref" : "PublicRouteTable" }
      }
    },
    "PublicNetworkAcl" : {
      "Type" : "AWS::EC2::NetworkAcl",
      "Properties" : {
        "VpcId" : { "Ref" : "VPC" }
      }
    }
  },

  "Outputs" : {}
}