Introduction
I am currently learning CloudFormation and am writing this article as a memo for myself.
- As long as the CidrBlock does not overlap with an existing VPC, the stack can be created in any region.
- Only RDS is planned for the private subnets, so no NAT gateway is created (the private route table gets no default route at all).
Code
Create-vpc.yml
AWSTemplateFormatVersion: "2010-09-09"
Description: VPC & subnet create
Resources:
  MyFirstVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.1.0.0/16
      EnableDnsSupport: "true"
      EnableDnsHostnames: "true"
      InstanceTenancy: default
      Tags:
        - Key: Name
          Value: CloudFormation-VPC
  # Route table for the public subnets; the default route to the IGW is added below (myRoute)
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyFirstVPC
      Tags:
        - Key: Name
          Value: CloudFormation-VPC-PublicRT
  # Route table for the private subnets; it deliberately has no 0.0.0.0/0 route (no NAT gateway)
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyFirstVPC
      Tags:
        - Key: Name
          Value: CloudFormation-VPC-PrivateRT
  PublicSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyFirstVPC
      CidrBlock: 10.1.0.0/24
      AvailabilityZone: !Select
        - 0
        - Fn::GetAZs: !Ref "AWS::Region"
      Tags:
        - Key: Name
          Value: CloudFormation-public-subnet-0
  PubSubnet1ARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet0
      RouteTableId: !Ref PublicRouteTable
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyFirstVPC
      CidrBlock: 10.1.2.0/24
      AvailabilityZone: !Select
        - 1
        - Fn::GetAZs: !Ref "AWS::Region"
      Tags:
        - Key: Name
          Value: CloudFormation-public-subnet-1
  PubSubnet1CRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable
  PrivateSubnet0:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyFirstVPC
      CidrBlock: 10.1.1.0/24
      AvailabilityZone: !Select
        - 0
        - Fn::GetAZs: !Ref "AWS::Region"
      Tags:
        - Key: Name
          Value: CloudFormation-private-subnet-0
  PriSubnet1ARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet0
      RouteTableId: !Ref PrivateRouteTable
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyFirstVPC
      CidrBlock: 10.1.3.0/24
      AvailabilityZone: !Select
        - 1
        - Fn::GetAZs: !Ref "AWS::Region"
      Tags:
        - Key: Name
          Value: CloudFormation-private-subnet-1
  PriSubnet1CRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable
  myInternetGateway:
    Type: "AWS::EC2::InternetGateway"
    Properties:
      Tags:
        - Key: Name
          Value: CloudFormation-ING
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyFirstVPC
      InternetGatewayId: !Ref myInternetGateway
  myRoute:
    Type: AWS::EC2::Route
    # A route through an Internet Gateway must depend on the gateway *attachment*,
    # not just on the gateway resource, or stack creation can fail with the gateway not yet attached
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref myInternetGateway
Outputs:
  StackVPC:
    Description: The ID of the VPC
    Value: !Ref MyFirstVPC
    Export:
      Name: !Sub "${AWS::StackName}-VPCID"
  StackPublicSubnet0:
    Description: The ID of the VPC Subnet
    Value: !Ref PublicSubnet0
    Export:
      Name: !Sub "${AWS::StackName}-PublicSubnet0"
  StackPublicSubnet1:
    Description: The ID of the VPC Subnet
    Value: !Ref PublicSubnet1
    Export:
      Name: !Sub "${AWS::StackName}-PublicSubnet1"
  StackPrivateSubnet0:
    Description: The ID of the VPC Subnet
    Value: !Ref PrivateSubnet0
    Export:
      Name: !Sub "${AWS::StackName}-PrivateSubnet0"
  StackPrivateSubnet1:
    Description: The ID of the VPC Subnet
    Value: !Ref PrivateSubnet1
    Export:
      Name: !Sub "${AWS::StackName}-PrivateSubnet1"
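Before deploying, it is worth checking the two properties the notes above rely on: every subnet CIDR fits inside the VPC CIDR without overlapping another subnet, and only the public subnets sit behind a route table with a 0.0.0.0/0 route to the Internet Gateway. The following is an added example, not code from the original article; it runs the checks over a hand-built Python dict that mirrors the template's Resources (constructed here, with the short-form !Ref written as {"Ref": ...}) instead of parsing the YAML itself.

```python
import ipaddress

# Constructed data: the Resources of Create-vpc.yml above, reduced to the properties
# these checks read; short-form !Ref is written as {"Ref": ...} as in the JSON form.
def subnet_resource(cidr):
    return {"Type": "AWS::EC2::Subnet", "Properties": {"VpcId": {"Ref": "MyFirstVPC"}, "CidrBlock": cidr}}
def association_resource(subnet, route_table):
    return {"Type": "AWS::EC2::SubnetRouteTableAssociation",
            "Properties": {"SubnetId": {"Ref": subnet}, "RouteTableId": {"Ref": route_table}}}

RESOURCES = {
    "MyFirstVPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.1.0.0/16"}},
    "PublicSubnet0": subnet_resource("10.1.0.0/24"), "PublicSubnet1": subnet_resource("10.1.2.0/24"),
    "PrivateSubnet0": subnet_resource("10.1.1.0/24"), "PrivateSubnet1": subnet_resource("10.1.3.0/24"),
    "PubSubnet1ARouteTableAssociation": association_resource("PublicSubnet0", "PublicRouteTable"),
    "PubSubnet1CRouteTableAssociation": association_resource("PublicSubnet1", "PublicRouteTable"),
    "PriSubnet1ARouteTableAssociation": association_resource("PrivateSubnet0", "PrivateRouteTable"),
    "PriSubnet1CRouteTableAssociation": association_resource("PrivateSubnet1", "PrivateRouteTable"),
    "myInternetGateway": {"Type": "AWS::EC2::InternetGateway", "Properties": {}},
    "myRoute": {"Type": "AWS::EC2::Route", "Properties": {"RouteTableId": {"Ref": "PublicRouteTable"},
                "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": {"Ref": "myInternetGateway"}}},
}

def resources_of_type(resources, rtype):
    return {k: v for k, v in resources.items() if v["Type"] == rtype}

def subnet_cidr_problems(resources):
    """Logical IDs of subnets whose CIDR lies outside their VPC or overlaps another subnet."""
    vpcs = {k: ipaddress.ip_network(v["Properties"]["CidrBlock"])
            for k, v in resources_of_type(resources, "AWS::EC2::VPC").items()}
    nets = {k: ipaddress.ip_network(v["Properties"]["CidrBlock"])
            for k, v in resources_of_type(resources, "AWS::EC2::Subnet").items()}
    bad = {k for k, n in nets.items()
           if not n.subnet_of(vpcs[resources[k]["Properties"]["VpcId"]["Ref"]])}
    names = sorted(nets)
    for i, a in enumerate(names):  # pairwise overlap check between subnets
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                bad.update((a, b))
    return bad

def internet_routed_subnets(resources):
    """Logical IDs of subnets whose route table sends 0.0.0.0/0 to an Internet Gateway (public)."""
    igws = set(resources_of_type(resources, "AWS::EC2::InternetGateway"))
    public_rts = set()
    for v in resources_of_type(resources, "AWS::EC2::Route").values():
        p, gw = v["Properties"], v["Properties"].get("GatewayId")
        if p.get("DestinationCidrBlock") == "0.0.0.0/0" and isinstance(gw, dict) and gw.get("Ref") in igws:
            public_rts.add(p["RouteTableId"]["Ref"])
    assocs = resources_of_type(resources, "AWS::EC2::SubnetRouteTableAssociation").values()
    return {a["Properties"]["SubnetId"]["Ref"] for a in assocs if a["Properties"]["RouteTableId"]["Ref"] in public_rts}
```

For this template, subnet_cidr_problems returns an empty set and internet_routed_subnets returns only the two public subnets; a private subnet that is accidentally associated with PublicRouteTable shows up in the second result.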
Registering the stack with the AWS CLI
Register it with the AWS CLI.
% aws --version
aws-cli/2.0.10 Python/3.7.4 Darwin/19.4.0 botocore/2.0.0dev14
% aws cloudformation create-stack \
--tags Key="name",Value="test" \
--stack-name TESTSTACK \
--template-body file://Create-vpc.yml
Check that it succeeded.
% aws cloudformation list-stacks \
--stack-status-filter CREATE_COMPLETE \
| jq -r ".StackSummaries[].StackName" | head -n1
TESTSTACK
Delete it once it is no longer needed.
% aws cloudformation delete-stack --stack-name TESTSTACK