CloudFormationをきちんと触ったことがなかったので、定番の3AZ環境を作ってみました。
(↓こういうやつ)

コード
CloudFormation.yml
---
# CloudFormation template for one VPC with three private and three public subnets
# spread over three Availability Zones (the network layer only; no compute).
AWSTemplateFormatVersion: '2010-09-09'
Description: AWSCloudformationTest
######################################################################
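Metadata:
  AWS::CloudFormation::Interface:
    # Console-only metadata: controls how the parameters are grouped and
    # ordered on the "Specify stack details" page. It has no effect on the
    # resources that are created.
    ParameterGroups:
      # Each group is a Label plus the list of parameter logical IDs shown
      # under it, in the order given here.
      - Label:
          default: VPC_Configuration
        Parameters:
          - VPCName
          - CidrBlock
          - EnableDnsSupport
          - EnableDnsHostnames
          - InstanceTenancy
      - Label:
          default: Subnet01Configuration
        Parameters:
          - PrivateSubnet01Name
          - PublicSubnet01Name
          - PrivatePublicSubnet01AvailabilityZone
          - PrivateSubnet01CidrBlock
          - PublicSubnet01CidrBlock
      - Label:
          default: Subnet02Configuration
        Parameters:
          - PrivateSubnet02Name
          - PublicSubnet02Name
          - PrivatePublicSubnet02AvailabilityZone
          - PrivateSubnet02CidrBlock
          - PublicSubnet02CidrBlock
      - Label:
          default: subnet03Configuration
        Parameters:
          - PrivateSubnet03Name
          - PublicSubnet03Name
          - PrivatePublicSubnet03AvailabilityZone
          - PrivateSubnet03CidrBlock
          - PublicSubnet03CidrBlock
    ParameterLabels:
      # Friendly names shown in the console instead of the logical IDs.
      # Every key must be a parameter declared under Parameters, and every
      # value must be a mapping with a "default" key. The original wrote
      # `default:"..."` with no space after the colon, which YAML reads as one
      # plain string rather than a mapping, so none of these labels were valid.
      VPCName:
        default: "VPCName"
      CidrBlock:
        default: "CidrBlock:"
      EnableDnsSupport:
        default: "EnableDnsSupport"
      # Was a copy of the EnableDnsSupport label.
      EnableDnsHostnames:
        default: "EnableDnsHostnames"
      InstanceTenancy:
        default: "InstanceTenancy"
      PrivateSubnet01Name:
        default: "PrivateSubnet01Name"
      PrivatePublicSubnet01AvailabilityZone:
        default: "PrivatePublicSubnet01AvailabilityZone"
      PrivateSubnet01CidrBlock:
        default: "PrivateSubnet01CidrBlock:"
      PrivateSubnet02Name:
        default: "PrivateSubnet02Name"
      # Label now matches the parameter name (was "PrivatePublic02AvailabilityZone").
      PrivatePublicSubnet02AvailabilityZone:
        default: "PrivatePublicSubnet02AvailabilityZone"
      PrivateSubnet02CidrBlock:
        default: "PrivateSubnet02CidrBlock:"
      PrivateSubnet03Name:
        default: "PrivateSubnet03Name"
      PrivatePublicSubnet03AvailabilityZone:
        default: "PrivatePublicSubnet03AvailabilityZone"
      PrivateSubnet03CidrBlock:
        default: "PrivateSubnet03CidrBlock:"
      PublicSubnet01Name:
        default: "PublicSubnet01Name"
      PublicSubnet01CidrBlock:
        default: "PublicSubnet01CidrBlock:"
      PublicSubnet02Name:
        default: "PublicSubnet02Name"
      PublicSubnet02CidrBlock:
        default: "PublicSubnet02CidrBlock:"
      # Key was misspelled "PubliceSubnet03Name" and matched no declared parameter.
      PublicSubnet03Name:
        default: "PublicSubnet03Name"
      PublicSubnet03CidrBlock:
        default: "PublicSubnet03CidrBlock:"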
######################################################################
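# Stack input values. Only VPCName has no default, so it is the one value the
# operator must supply; everything else can be deployed as-is.
Parameters:
  VPCName:
    Type: String
    Description: Name tag for the VPC; also used as the prefix for the gateway and route table Name tags.
  CidrBlock:
    Type: String
    Default: 10.0.0.0/16
    Description: IPv4 CIDR block for the VPC.
    # Reject anything that is not dotted-quad/prefix at parameter validation
    # time instead of failing later when the VPC is created.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.0.0/16
  EnableDnsSupport:
    Type: String
    # Quoted on purpose: these are String parameters, so the values are the
    # literal strings 'true'/'false', not YAML booleans.
    Default: 'true'
    AllowedValues:
      - 'true'
      - 'false'
  EnableDnsHostnames:
    Type: String
    Default: 'true'
    AllowedValues:
      - 'true'
      - 'false'
  InstanceTenancy:
    Type: String
    Default: default
    # "dedicated" places every instance in the VPC on single-tenant hardware.
    AllowedValues:
      - default
      - dedicated
  PrivateSubnet01Name:
    Type: String
    Default: privatesubnet-01
  PrivatePublicSubnet01AvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    # The AZ defaults are ap-northeast-1 names; deploying this template in any
    # other region requires overriding all three AZ parameters.
    Default: ap-northeast-1a
    Description: AZ shared by private subnet 01 and public subnet 01.
  PrivateSubnet01CidrBlock:
    Type: String
    Default: 10.0.1.0/24
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.1.0/24
  PrivateSubnet02Name:
    Type: String
    Default: privatesubnet-02
  PrivatePublicSubnet02AvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: ap-northeast-1c
    Description: AZ shared by private subnet 02 and public subnet 02.
  PrivateSubnet02CidrBlock:
    Type: String
    Default: 10.0.2.0/24
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.2.0/24
  PrivateSubnet03Name:
    Type: String
    Default: privatesubnet-03
  PrivatePublicSubnet03AvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: ap-northeast-1d
    Description: AZ shared by private subnet 03 and public subnet 03.
  PrivateSubnet03CidrBlock:
    Type: String
    Default: 10.0.3.0/24
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.3.0/24
  PublicSubnet01Name:
    Type: String
    Default: publicsubnet-01
  PublicSubnet01CidrBlock:
    Type: String
    Default: 10.0.4.0/24
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.4.0/24
  PublicSubnet02Name:
    Type: String
    Default: publicsubnet-02
  PublicSubnet02CidrBlock:
    Type: String
    Default: 10.0.5.0/24
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.5.0/24
  PublicSubnet03Name:
    Type: String
    Default: publicsubnet-03
  PublicSubnet03CidrBlock:
    Type: String
    Default: 10.0.6.0/24
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: must be an IPv4 CIDR block such as 10.0.6.0/24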
######################################################################
Resources:
# --- VPC ---
# NOTE(review): nothing in the visible template creates a VPC Flow Log or
# touches the VPC's default security group; both are usually handled
# separately and should be covered elsewhere if this is more than a test stack.
CreateVPC:
  Type: AWS::EC2::VPC
  Properties:
    Tags:
      - Key: Name
        Value: !Ref VPCName
    CidrBlock: !Ref CidrBlock
    # Both DNS flags arrive as the String parameters declared above.
    EnableDnsHostnames: !Ref EnableDnsHostnames
    EnableDnsSupport: !Ref EnableDnsSupport
    InstanceTenancy: !Ref InstanceTenancy
# --- Internet gateway and its attachment to the VPC ---
# The attachment is a separate resource; routes that target the gateway must
# wait for it (see the public route resources).
CreateInternetGateway:
  Type: AWS::EC2::InternetGateway
  Properties:
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-igw
AttachInternetGateway:
  Type: AWS::EC2::VPCGatewayAttachment
  Properties:
    InternetGatewayId: !Ref CreateInternetGateway
    VpcId: !Ref CreateVPC
# --- Private subnets, one per AZ ---
# MapPublicIpOnLaunch is false in all three: instances launched here get no
# public IPv4 address. IPv6 is not configured (Ipv6CidrBlock /
# AssignIpv6AddressOnCreation would be needed for that).
CreatePrivateSubnet01:
  Type: AWS::EC2::Subnet
  Properties:
    VpcId: !Ref CreateVPC
    AvailabilityZone: !Ref PrivatePublicSubnet01AvailabilityZone
    CidrBlock: !Ref PrivateSubnet01CidrBlock
    MapPublicIpOnLaunch: false
    Tags:
      - Key: Name
        Value: !Ref PrivateSubnet01Name
CreatePrivateSubnet02:
  Type: AWS::EC2::Subnet
  Properties:
    VpcId: !Ref CreateVPC
    AvailabilityZone: !Ref PrivatePublicSubnet02AvailabilityZone
    CidrBlock: !Ref PrivateSubnet02CidrBlock
    MapPublicIpOnLaunch: false
    Tags:
      - Key: Name
        Value: !Ref PrivateSubnet02Name
CreatePrivateSubnet03:
  Type: AWS::EC2::Subnet
  Properties:
    VpcId: !Ref CreateVPC
    AvailabilityZone: !Ref PrivatePublicSubnet03AvailabilityZone
    CidrBlock: !Ref PrivateSubnet03CidrBlock
    MapPublicIpOnLaunch: false
    Tags:
      - Key: Name
        Value: !Ref PrivateSubnet03Name
# --- Public subnets, one per AZ, sharing the AZ of the matching private subnet ---
# MapPublicIpOnLaunch is true: every instance launched in these subnets gets a
# public IPv4 address automatically. That is what makes them "public", but it
# also means anything placed here by mistake is internet-facing (subject to its
# security group), so workload placement needs to be deliberate.
CreatePublicSubnet01:
  Type: AWS::EC2::Subnet
  Properties:
    VpcId: !Ref CreateVPC
    AvailabilityZone: !Ref PrivatePublicSubnet01AvailabilityZone
    CidrBlock: !Ref PublicSubnet01CidrBlock
    MapPublicIpOnLaunch: true
    Tags:
      - Key: Name
        Value: !Ref PublicSubnet01Name
CreatePublicSubnet02:
  Type: AWS::EC2::Subnet
  Properties:
    VpcId: !Ref CreateVPC
    AvailabilityZone: !Ref PrivatePublicSubnet02AvailabilityZone
    CidrBlock: !Ref PublicSubnet02CidrBlock
    MapPublicIpOnLaunch: true
    Tags:
      - Key: Name
        Value: !Ref PublicSubnet02Name
CreatePublicSubnet03:
  Type: AWS::EC2::Subnet
  Properties:
    VpcId: !Ref CreateVPC
    AvailabilityZone: !Ref PrivatePublicSubnet03AvailabilityZone
    CidrBlock: !Ref PublicSubnet03CidrBlock
    MapPublicIpOnLaunch: true
    Tags:
      - Key: Name
        Value: !Ref PublicSubnet03Name
# --- Private route tables, one per AZ ---
# No routes are added to these tables in the visible template, so the private
# subnets only have the implicit local route and no path to the internet.
# Keeping one table per AZ presumably leaves room for per-AZ egress routes later.
CreatePrivateRouteTable01:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId: !Ref CreateVPC
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-private-rt01
CreatePrivateRouteTable02:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId: !Ref CreateVPC
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-private-rt02
CreatePrivateRouteTable03:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId: !Ref CreateVPC
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-private-rt03
# --- Bind each private subnet to the private route table of its AZ ---
PrivateSubnetRouteTableAssociation01:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId: !Ref CreatePrivateRouteTable01
    SubnetId: !Ref CreatePrivateSubnet01
PrivateSubnetRouteTableAssociation02:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId: !Ref CreatePrivateRouteTable02
    SubnetId: !Ref CreatePrivateSubnet02
PrivateSubnetRouteTableAssociation03:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId: !Ref CreatePrivateRouteTable03
    SubnetId: !Ref CreatePrivateSubnet03
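# --- Public route tables, one per AZ, each with a default route to the IGW ---
# The three tables are identical; they are kept separate so the logical IDs
# stay stable for anything that references them.
#
# A route whose target is an internet gateway can only be created once the
# gateway is attached to the VPC, and the !Ref on GatewayId does not express
# that ordering, so each route depends on AttachInternetGateway. The original
# DependsOn pointed at the route table, which the RouteTableId !Ref already
# orders on, so it added nothing and left the real race in place.
#
# NOTE(review): no AWS::EC2::SubnetRouteTableAssociation for the public subnets
# is visible in this excerpt. Without one they fall back to the VPC main route
# table, which presumably has no internet route, so they would not actually be
# reachable from the internet.
CreatePublicRouteTable01:
  Type: AWS::EC2::RouteTable
  Properties:
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-public-rt01
    VpcId: !Ref CreateVPC
AddPublicRoute01:
  Type: AWS::EC2::Route
  DependsOn: AttachInternetGateway
  Properties:
    RouteTableId: !Ref CreatePublicRouteTable01
    DestinationCidrBlock: "0.0.0.0/0"
    GatewayId: !Ref CreateInternetGateway
CreatePublicRouteTable02:
  Type: AWS::EC2::RouteTable
  Properties:
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-public-rt02
    VpcId: !Ref CreateVPC
AddPublicRoute02:
  Type: AWS::EC2::Route
  DependsOn: AttachInternetGateway
  Properties:
    RouteTableId: !Ref CreatePublicRouteTable02
    DestinationCidrBlock: "0.0.0.0/0"
    GatewayId: !Ref CreateInternetGateway
CreatePublicRouteTable03:
  Type: AWS::EC2::RouteTable
  Properties:
    Tags:
      - Key: Name
        Value: !Sub ${VPCName}-public-rt03
    VpcId: !Ref CreateVPC
AddPublicRoute03:
  Type: AWS::EC2::Route
  DependsOn: AttachInternetGateway
  Properties:
    RouteTableId: !Ref CreatePublicRouteTable03
    DestinationCidrBlock: "0.0.0.0/0"
    GatewayId: !Ref CreateInternetGateway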