{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "This template creates a 5G Infra test environment with required VPCs: eNB, MEC, GilAN, and / or CP along with the Networking components", "Metadata": { "Version" : "2.0", "Comment" : "This template is run by CloudFormation Root Stack to deploy the following resources through Nested Stacks:", "Comment" : " - VPCs, Bastion in each VPC", "Comment" : "This template is to be enhanced with:", "Comment" : " - Inter-VPC Peering connection based on the 5G infra deployment patterns", "Comment" : " - Inter-VPC subnet routing", "AWS::CloudFormation::Interface": { "ParameterGroups": [ { "Label": { "default": "VPC Deployment" }, "Parameters": [ "AvailabilityZones", "DeployVPCeNB", "VPCeNBName", "VPCeNBCIDR", "DeployVPCMEC", "DeployVPCMECMultiAZ", "VPCMECName", "VPCMECCIDR", "DeployVPCGiLAN", "VPCGiLANName", "VPCGiLANCIDR", "DeployVPCCP", "VPCCPName", "VPCCPCIDR", "UENETCIDR", "ENBNETCIDR", "S3BucketName" ] }, { "Label": { "default": "Bastion Configuration" }, "Parameters": [ "BastionAMIOS", "BastionInstanceType", "EnableTCPForwarding", "KeyPairName", "RemoteAccessCIDR" ] } ], "ParameterLabels": { "AvailabilityZones": { "default": "Availability Zones" }, "DeployVPCeNB": { "Default": "yes" }, "VPCeNBName": { "default": "VPC eNB Name" }, "VPCeNBCIDR": { "default": "VPC eNB CIDR" }, "DeployVPCMEC": { "Default": "yes" }, "DeployVPCMECMultiAZ": { "Default": "no" }, "VPCMECName": { "default": "VPC MEC Name" }, "VPCMECCIDR": { "default": "VPC MEC CIDR" }, "DeployVPCGiLAN": { "Default": "yes" }, "VPCGiLANName": { "default": "VPC GiLAN Name" }, "VPCGiLANCIDR": { "default": "VPC GiLAN CIDR" }, "DeployVPCCP": { "Default": "no" }, "VPCCPName": { "default": "VPC CP Name" }, "VPCCPCIDR": { "default": "VPC CP CIDR" }, "BastionAMIOS": { "default": "Bastion AMI Operating System" }, "BastionInstanceType": { "default": "Bastion Instance Type" }, "BastionInstanceName": { "default": "Bastion Name" }, "EnableTCPForwarding": { "default": "Enable TCP Forwarding" }, "KeyPairName": { "default": "Key Pair Name" }, "RemoteAccessCIDR": { "default": "Allowed Bastion External Access CIDR" }, "UENETCIDR": { "default": "Allowed UE NET CIDR" }, "ENBNETCIDR": { "default": "Allowed ENB NET CIDR" }, "S3BucketName": { "default": "S3 Bucket for storing the cloudformation templates" } } } }, "Parameters": { "AvailabilityZones": { "Description": "Select one Availability Zone for all the VPCs.", "Type": "List" }, "DeployVPCeNB": { "AllowedValues": [ "yes", "no" ], "Description": "If yes, deploy VPC-eNB", "Type": "String" }, "VPCeNBName": { "Description": "VPC eNB Name", "Type": "String", "Default": "VPC-eNB" }, "S3BucketName": { "Description": "S3 Bucket Name", "MinLength" : "1", "Type": "String" }, "VPCeNBCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/x", "Description": "Allowed CIDR block for deploying eNB", "Type": "String", "Default": "10.2.0.0/16" }, "DeployVPCMEC": { "AllowedValues": [ "yes", "no" ], "Description": "If yes, deploy VPC-MEC", "Type": "String" }, "DeployVPCMECMultiAZ": { "AllowedValues": [ "yes", "no" ], "Description": "If yes, deploy VPC-MEC with multiple AZ", "Type": "String", "Default": "no" }, "VPCMECName": { "Description": "VPC MEC Name", "Type": "String", "Default": "VPC-MEC" }, "VPCMECCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/x", "Description": "Allowed CIDR block for deploying MEC", "Type": "String", "Default": "10.1.0.0/16" }, "DeployVPCGiLAN": { "AllowedValues": [ "yes", "no" ], "Description": "If yes, deploy VPC-GiLAN", "Type": "String" }, "VPCGiLANName": { "Description": "VPC GiLAN Name", "Type": "String", "Default": "VPC-GiLAN" }, "VPCGiLANCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/x", "Description": "Allowed CIDR block for deploying GiLAN", "Type": "String", "Default": "10.3.0.0/16" }, "DeployVPCCP": { "AllowedValues": [ "yes", "no" ], "Description": "If yes, deploy VPC-CP", "Type": "String" }, "VPCCPName": { "Description": "VPC CP Name", "Type": "String", "Default": "VPC-CP" }, "VPCCPCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/x", "Description": "Allowed CIDR block for deploying CP", "Type": "String", "Default": "10.4.0.0/16" }, "BastionAMIOS": { "AllowedValues": [ "Ubuntu-Server-18.04-LTS-HVM", "Amazon-Linux-HVM" ], "Default": "Ubuntu-Server-18.04-LTS-HVM", "Description": "Ubuntu 18.04 AMI is to be used for the bastion instance.", "Type": "String" }, "BastionInstanceType": { "AllowedValues": [ "t3.small", "t3.medium", "t3.large" ], "Default": "t3.medium", "Description": "Amazon EC2 instance type for the bastion instances", "Type": "String" }, "EnableTCPForwarding": { "Type": "String", "Description": "Enable/Disable TCP Forwarding", "Default": "false", "AllowedValues": [ "true", "false" ] }, "KeyPairName": { "Description": "Enter a Public/private key pair. If you do not have one in this region, please create it before continuing", "Type": "AWS::EC2::KeyPair::KeyName" }, "RemoteAccessCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/x", "Description": "Allowed CIDR block for external SSH access to the bastions", "Type": "String", "Default": "1.1.1.1/32" }, "UENETCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/12)$", "ConstraintDescription": "UE NET CIDR block parameter must be in the form x.x.x.x/12", "Description": "Allowed CIDR block for UE NET", "Type": "String", "Default": "172.16.0.0/12" }, "ENBNETCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/16)$", "ConstraintDescription": "ENB NET CIDR block parameter must be in the form x.x.x.x/16", "Description": "Allowed CIDR block for ENB NET", "Type": "String", "Default": "192.168.0.0/16" } }, "Conditions": { "DeployVPCeNB": {"Fn::Equals" : [{"Ref": "DeployVPCeNB"}, "yes"]}, "DeployVPCMEC": {"Fn::Equals" : [{"Ref": "DeployVPCMEC"}, "yes"]}, "DeployVPCMECMultiAZ": {"Fn::Equals" : [{"Ref": "DeployVPCMECMultiAZ"}, "yes"]}, "DeployVPCGiLAN": {"Fn::Equals" : [{"Ref": "DeployVPCGiLAN"}, "yes"]}, "DeployVPCCP": {"Fn::Equals" : [{"Ref": "DeployVPCCP"}, "yes"]}, "DeployVPCeNBVPCMECTGW": { "Fn::And": [ {"Fn::Equals" : [{"Ref": "DeployVPCeNB"}, "yes"]}, {"Fn::Equals" : [{"Ref": "DeployVPCMEC"}, "yes"]} ]}, "DeployVPCMECVPCGiLANTGW": { "Fn::And": [ {"Fn::Equals" : [{"Ref": "DeployVPCMEC"}, "yes"]}, {"Fn::Equals" : [{"Ref": "DeployVPCGiLAN"}, "yes"]} ]}, "DeployVPCMECVPCCPTGW": { "Fn::And": [ {"Fn::Equals" : [{"Ref": "DeployVPCMEC"}, "yes"]}, {"Fn::Equals" : [{"Ref": "DeployVPCCP"}, "yes"]} ]}, "DeployVPCeNBVPCGiLANPC": { "Fn::And": [ {"Fn::Equals" : [{"Ref": "DeployVPCeNB"}, "yes"]}, {"Fn::Equals" : [{"Ref": "DeployVPCGiLAN"}, "yes"]} ]} }, "Resources" : { "VPCeNBStack" : { "Condition" : "DeployVPCeNB", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-vpc-enb.template"}, "Parameters" : { "AvailabilityZones": {"Fn::Join": [",", {"Ref": "AvailabilityZones"}] }, "VPCeNBName": {"Ref": "VPCeNBName"}, "VPCeNBCIDR": {"Ref": "VPCeNBCIDR"}, "ENBNETCIDR": {"Ref": "ENBNETCIDR"}, "S3BucketName": {"Ref": "S3BucketName"}, "VPCeNBPubSubnet1CIDR": {"Fn::Select" : [0, { "Fn::Cidr" : [{"Ref": "VPCeNBCIDR"}, 256, 8]}]}, "VPCeNBPrvSubnetMgmtCIDR": {"Fn::Select" : [1, { "Fn::Cidr" : [{"Ref": "VPCeNBCIDR"}, 256, 8]}]}, "VPCeNBPrvSubnetS1UCIDR": {"Fn::Select" : [2, { "Fn::Cidr" : [{"Ref": "VPCeNBCIDR"}, 256, 8]}]} }, "TimeoutInMinutes" : "10" } }, "VPCMECStack" : { "Condition" : "DeployVPCMEC", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : { "Fn::If": [ "DeployVPCMECMultiAZ", {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-vpc-mec-2az.template"}, {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-vpc-mec.template"} ]}, "Parameters" : { "AvailabilityZones": {"Fn::Join": [",", {"Ref": "AvailabilityZones"}] }, "VPCMECName": {"Ref": "VPCMECName"}, "VPCMECCIDR": {"Ref": "VPCMECCIDR"}, "ENBNETCIDR": {"Ref": "ENBNETCIDR"}, "S3BucketName": {"Ref": "S3BucketName"}, "VPCMECPubSubnet1CIDR": {"Fn::Select" : [0, { "Fn::Cidr" : [{"Ref": "VPCMECCIDR"}, 256, 8]}]}, "VPCMECPrvSubnetMgmtSx1CIDR": {"Fn::Select" : [1, { "Fn::Cidr" : [{"Ref": "VPCMECCIDR"}, 256, 8]}]}, "VPCMECPrvSubnetS1UCIDR": {"Fn::Select" : [2, { "Fn::Cidr" : [{"Ref": "VPCMECCIDR"}, 256, 8]}]}, "VPCMECPrvSubnetSGICIDR": {"Fn::Select" : [3, { "Fn::Cidr" : [{"Ref": "VPCMECCIDR"}, 256, 8]}]}, "VPCMECPubSubnet2CIDR": { "Fn::If": [ "DeployVPCMECMultiAZ", {"Fn::Select" : [10, { "Fn::Cidr" : [{"Ref": "VPCMECCIDR"}, 256, 8]}]}, {"Ref": "AWS::NoValue"}]}, "VPCMECPrvSubnetMgmtSx2CIDR": { "Fn::If": [ "DeployVPCMECMultiAZ", {"Fn::Select" : [11, { "Fn::Cidr" : [{"Ref": "VPCMECCIDR"}, 256, 8]}]}, {"Ref": "AWS::NoValue"}]} }, "TimeoutInMinutes" : "10" } }, "VPCGiLANStack" : { "Condition" : "DeployVPCGiLAN", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-vpc-gilan.template"}, "Parameters" : { "AvailabilityZones": {"Fn::Join": [",", {"Ref": "AvailabilityZones"}] }, "VPCGiLANName": {"Ref": "VPCGiLANName"}, "VPCGiLANCIDR": {"Ref": "VPCGiLANCIDR"}, "UENETCIDR": {"Ref": "UENETCIDR"}, "S3BucketName": {"Ref": "S3BucketName"}, "VPCGiLANPubSubnet1CIDR": {"Fn::Select" : [0, { "Fn::Cidr" : [{"Ref": "VPCGiLANCIDR"}, 256, 8]}]}, "VPCGiLANPrvSubnetMgmtCIDR": {"Fn::Select" : [1, { "Fn::Cidr" : [{"Ref": "VPCGiLANCIDR"}, 256, 8]}]}, "VPCGiLANPrvSubnetSGICIDR": {"Fn::Select" : [3, { "Fn::Cidr" : [{"Ref": "VPCGiLANCIDR"}, 256, 8]}]} }, "TimeoutInMinutes" : "10" } }, "VPCCPStack" : { "Condition" : "DeployVPCCP", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-vpc-cp.template"}, "Parameters" : { "AvailabilityZones": {"Fn::Join": [",", {"Ref": "AvailabilityZones"}] }, "VPCCPName": {"Ref": "VPCCPName"}, "VPCCPCIDR": {"Ref": "VPCCPCIDR"}, "S3BucketName": {"Ref": "S3BucketName"}, "VPCCPPubSubnet1CIDR": {"Fn::Select" : [0, { "Fn::Cidr" : [{"Ref": "VPCCPCIDR"}, 256, 8]}]}, "VPCCPPrvSubnetMgmtCIDR": {"Fn::Select" : [1, { "Fn::Cidr" : [{"Ref": "VPCCPCIDR"}, 256, 8]}]} }, "TimeoutInMinutes" : "10" } }, "VPCeNBBastionStack" : { "Condition" : "DeployVPCeNB", "DependsOn" : "VPCeNBStack", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-bastion-EIP.template"}, "Parameters" : { "BastionInstanceName": {"Fn::Sub": "${VPCeNBName}-Bastion"}, "BastionAMIOS": {"Ref": "BastionAMIOS"}, "BastionInstanceType": {"Ref": "BastionInstanceType"}, "EnableTCPForwarding": {"Ref": "EnableTCPForwarding"}, "KeyPairName": {"Ref": "KeyPairName"}, "RemoteAccessCIDR": {"Ref": "RemoteAccessCIDR"}, "VPCID" : { "Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBID"] }, "PublicSubnetID": { "Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBPublicSubnetID"] } }, "TimeoutInMinutes" : "10" } }, "VPCMECBastionStack" : { "Condition" : "DeployVPCMEC", "DependsOn" : "VPCMECStack", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-bastion-EIP.template"}, "Parameters" : { "BastionInstanceName": {"Fn::Sub": "${VPCMECName}-Bastion"}, "BastionAMIOS": {"Ref": "BastionAMIOS"}, "BastionInstanceType": {"Ref": "BastionInstanceType"}, "EnableTCPForwarding": {"Ref": "EnableTCPForwarding"}, "KeyPairName": {"Ref": "KeyPairName"}, "RemoteAccessCIDR": {"Ref": "RemoteAccessCIDR"}, "VPCID" : { "Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECID"] }, "PublicSubnetID": { "Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECPublicSubnetID"] } }, "TimeoutInMinutes" : "10" } }, "VPCGiLANBastionStack" : { "Condition" : "DeployVPCGiLAN", "DependsOn" : "VPCGiLANStack", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-bastion-EIP.template"}, "Parameters" : { "BastionInstanceName": {"Fn::Sub": "${VPCGiLANName}-Bastion"}, "BastionAMIOS": {"Ref": "BastionAMIOS"}, "BastionInstanceType": {"Ref": "BastionInstanceType"}, "EnableTCPForwarding": {"Ref": "EnableTCPForwarding"}, "KeyPairName": {"Ref": "KeyPairName"}, "RemoteAccessCIDR": {"Ref": "RemoteAccessCIDR"}, "VPCID" : { "Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANID"] }, "PublicSubnetID": { "Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANPublicSubnetID"] } }, "TimeoutInMinutes" : "10" } }, "VPCCPBastionStack" : { "Condition" : "DeployVPCCP", "DependsOn" : "VPCCPStack", "Type" : "AWS::CloudFormation::Stack", "Properties" : { "TemplateURL" : {"Fn::Sub": "https://${S3BucketName}.s3-${AWS::Region}.amazonaws.com/5g-env-bastion-EIP.template"}, "Parameters" : { "BastionInstanceName": {"Fn::Sub": "${VPCCPName}-Bastion"}, "BastionAMIOS": {"Ref": "BastionAMIOS"}, "BastionInstanceType": {"Ref": "BastionInstanceType"}, "EnableTCPForwarding": {"Ref": "EnableTCPForwarding"}, "KeyPairName": {"Ref": "KeyPairName"}, "RemoteAccessCIDR": {"Ref": "RemoteAccessCIDR"}, "VPCID" : { "Fn::GetAtt": ["VPCCPStack", "Outputs.VPCCPID"] }, "PublicSubnetID": { "Fn::GetAtt": ["VPCCPStack", "Outputs.VPCCPPublicSubnetID"] } }, "TimeoutInMinutes" : "10" } }, "VPCeNBVPCMECTransitGateway" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : ["VPCeNBStack", "VPCMECStack"], "Type" : "AWS::EC2::TransitGateway", "Properties" : { "Description" : {"Fn::Sub": "${VPCeNBName}-${VPCMECName}-S1U-TGW"}, "DefaultRouteTableAssociation": "disable", "DefaultRouteTablePropagation": "disable", "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCeNBName}-${VPCMECName}-S1U-TGW"} } ] } }, "VPCeNBS1UTransitGatewayAttachment" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : ["VPCeNBStack", "VPCeNBVPCMECTransitGateway"], "Type" : "AWS::EC2::TransitGatewayAttachment", "Properties" : { "SubnetIds" : [{ "Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBS1USubnetID"] }], "TransitGatewayId" : {"Ref" : "VPCeNBVPCMECTransitGateway"}, "VpcId" : {"Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCeNBName}-S1U-TGW-Attach"} } ] } }, "VPCMECS1UTransitGatewayAttachment" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : ["VPCMECStack", "VPCeNBVPCMECTransitGateway"], "Type" : "AWS::EC2::TransitGatewayAttachment", "Properties" : { "SubnetIds" : [{ "Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECS1USubnetID"] }], "TransitGatewayId" : {"Ref" : "VPCeNBVPCMECTransitGateway"}, "VpcId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-S1U-TGW-Attach"} } ] } }, "VPCeNBVPCMECTransitGatewayRouteTable" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : "VPCeNBVPCMECTransitGateway", "Type" : "AWS::EC2::TransitGatewayRouteTable", "Properties" : { "TransitGatewayId" : {"Ref" : "VPCeNBVPCMECTransitGateway"}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCeNBName}-${VPCMECName}-S1U-TGWrtbl"} } ] } }, "VPCeNBS1UTransitGatewayRoute" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "VPCeNBCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCeNBS1UTransitGatewayAttachment"} } }, "VPCeNBENBNETTransitGatewayRoute" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "ENBNETCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCeNBS1UTransitGatewayAttachment"} } }, "VPCMECS1UTransitGatewayRoute" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "VPCMECCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECS1UTransitGatewayAttachment"} } }, "VPCeNBS1UTransitGatewayRouteTablePropagation" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRouteTablePropagation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCeNBS1UTransitGatewayAttachment"} } }, "VPCMECS1UTransitGatewayRouteTablePropagation" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRouteTablePropagation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECS1UTransitGatewayAttachment"} } }, "VPCeNBS1UTransitGatewayRouteTableAssociation" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRouteTableAssociation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCeNBS1UTransitGatewayAttachment"} } }, "VPCMECS1UTransitGatewayRouteTableAssociation" : { "Condition" : "DeployVPCeNBVPCMECTGW", "Type" : "AWS::EC2::TransitGatewayRouteTableAssociation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCeNBVPCMECTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECS1UTransitGatewayAttachment"} } }, "VPCMECVPCGiLANTransitGateway" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "DependsOn" : ["VPCMECStack", "VPCGiLANStack"], "Type" : "AWS::EC2::TransitGateway", "Properties" : { "Description" : {"Fn::Sub": "${VPCMECName}-${VPCGiLANName}-SGI-TGW"}, "DefaultRouteTableAssociation": "disable", "DefaultRouteTablePropagation": "disable", "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-${VPCGiLANName}-SGI-TGW"} } ] } }, "VPCMECSGITransitGatewayAttachment" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayAttachment", "Properties" : { "SubnetIds" : [{ "Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECSGISubnetID"] }], "TransitGatewayId" : {"Ref" : "VPCMECVPCGiLANTransitGateway"}, "VpcId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-SGI-TGW-Attach"} } ] } }, "VPCGiLANSGITransitGatewayAttachment" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayAttachment", "Properties" : { "SubnetIds" : [{ "Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANSGISubnetID"] }], "TransitGatewayId" : {"Ref" : "VPCMECVPCGiLANTransitGateway"}, "VpcId" : {"Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCGiLANName}-SGI-TGW-Attach"} } ] } }, "VPCMECVPCGiLANTransitGatewayRouteTable" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRouteTable", "Properties" : { "TransitGatewayId" : {"Ref" : "VPCMECVPCGiLANTransitGateway"}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-${VPCGiLANName}-SGI-TGWrtbl"} } ] } }, "VPCMECSGITransitGatewayRoute" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "VPCMECCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECSGITransitGatewayAttachment"} } }, "VPCMECUENETTransitGatewayRoute" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "UENETCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECSGITransitGatewayAttachment"} } }, "VPCGiLANSGITransitGatewayRoute" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "VPCGiLANCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCGiLANSGITransitGatewayAttachment"} } }, "VPCMECSGITransitGatewayRouteTablePropagation" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRouteTablePropagation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECSGITransitGatewayAttachment"} } }, "VPCGiLANSGITransitGatewayRouteTablePropagation" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRouteTablePropagation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCGiLANSGITransitGatewayAttachment"} } }, "VPCMECSGITransitGatewayRouteRouteTableAssociation" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRouteTableAssociation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECSGITransitGatewayAttachment"} } }, "VPCGiLANSGITransitGatewayRouteRouteTableAssociation" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "Type" : "AWS::EC2::TransitGatewayRouteTableAssociation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCGiLANTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCGiLANSGITransitGatewayAttachment"} } }, "VPCMECVPCCPTransitGateway" : { "Condition" : "DeployVPCMECVPCCPTGW", "DependsOn" : ["VPCMECStack", "VPCCPStack"], "Type" : "AWS::EC2::TransitGateway", "Properties" : { "Description" : {"Fn::Sub": "${VPCMECName}-${VPCCPName}-Mgmt-TGW"}, "DefaultRouteTableAssociation": "disable", "DefaultRouteTablePropagation": "disable", "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-${VPCCPName}-Mgmt-TGW"} } ] } }, "VPCMECMgmtTransitGatewayAttachment" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayAttachment", "Properties" : { "SubnetIds" : [{ "Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECPrivateSubnetID"] }], "TransitGatewayId" : {"Ref" : "VPCMECVPCCPTransitGateway"}, "VpcId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-Mgmt-TGW-Attach"} } ] } }, "VPCCPMgmtTransitGatewayAttachment" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayAttachment", "Properties" : { "SubnetIds" : [{ "Fn::GetAtt": ["VPCCPStack", "Outputs.VPCCPPrivateSubnetID"] }], "TransitGatewayId" : {"Ref" : "VPCMECVPCCPTransitGateway"}, "VpcId" : {"Fn::GetAtt": ["VPCCPStack", "Outputs.VPCCPID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCCPName}-Mgmt-TGW-Attach"} } ] } }, "VPCMECVPCCPTransitGatewayRouteTable" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRouteTable", "Properties" : { "TransitGatewayId" : {"Ref" : "VPCMECVPCCPTransitGateway"}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCMECName}-${VPCCPName}-Mgmt-TGWrtbl"} } ] } }, "VPCMECMgmtTransitGatewayRoute" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCCPTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "VPCMECCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECMgmtTransitGatewayAttachment"} } }, "VPCCPMgmtTransitGatewayRoute" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRoute", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCCPTransitGatewayRouteTable"}, "DestinationCidrBlock" : {"Ref": "VPCCPCIDR"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCCPMgmtTransitGatewayAttachment"} } }, "VPCMECMgmtTransitGatewayRouteTablePropagation" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRouteTablePropagation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCCPTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECMgmtTransitGatewayAttachment"} } }, "VPCCPMgmtTransitGatewayRouteTablePropagation" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRouteTablePropagation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCCPTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCCPMgmtTransitGatewayAttachment"} } }, "VPCMECMgmtTransitGatewayRouteRouteTableAssociation" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRouteTableAssociation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCCPTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCMECMgmtTransitGatewayAttachment"} } }, "VPCCPMgmtTransitGatewayRouteRouteTableAssociation" : { "Condition" : "DeployVPCMECVPCCPTGW", "Type" : "AWS::EC2::TransitGatewayRouteTableAssociation", "Properties" : { "TransitGatewayRouteTableId" : {"Ref" : "VPCMECVPCCPTransitGatewayRouteTable"}, "TransitGatewayAttachmentId" : {"Ref" : "VPCCPMgmtTransitGatewayAttachment"} } }, "VPCeNBVPCGiLANPeeringConnection" : { "Condition" : "DeployVPCeNBVPCGiLANPC", "DependsOn" : ["VPCeNBStack", "VPCGiLANStack"], "Type": "AWS::EC2::VPCPeeringConnection", "Properties": { "VpcId" : {"Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBID"]}, "PeerVpcId" : {"Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANID"]}, "Tags" : [ { "Key" : "Name", "Value" : {"Fn::Sub": "${VPCeNBName}-${VPCGiLANName}-Peering"} } ] } }, "VPCeNBPrvSubnetMgmtRoute" : { "Condition" : "DeployVPCeNBVPCGiLANPC", "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBPrvSubnetMgmtRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCGiLANCIDR"}, "VpcPeeringConnectionId" : {"Ref" : "VPCeNBVPCGiLANPeeringConnection"} } }, "VPCGiLANPrvSubnetMgmtRoute" : { "Condition" : "DeployVPCeNBVPCGiLANPC", "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANPrvSubnetMgmtRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCeNBCIDR"}, "VpcPeeringConnectionId" : {"Ref" : "VPCeNBVPCGiLANPeeringConnection"} } }, "VPCeNBPrvSubnetS1URoute" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : ["VPCeNBVPCMECTransitGateway", "VPCeNBS1UTransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCeNBStack", "Outputs.VPCeNBPrvSubnetS1URouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCMECCIDR"}, "TransitGatewayId" : {"Ref" : "VPCeNBVPCMECTransitGateway"} } }, "VPCMECPrvSubnetS1URoute" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : ["VPCeNBVPCMECTransitGateway", "VPCMECS1UTransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECPrvSubnetS1URouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCeNBCIDR"}, "TransitGatewayId" : {"Ref" : "VPCeNBVPCMECTransitGateway"} } }, "VPCMECPrvSubnetENBNETRoute" : { "Condition" : "DeployVPCeNBVPCMECTGW", "DependsOn" : ["VPCeNBVPCMECTransitGateway", "VPCMECS1UTransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECPrvSubnetS1URouteTableID"]}, "DestinationCidrBlock" : {"Ref": "ENBNETCIDR"}, "TransitGatewayId" : {"Ref" : "VPCeNBVPCMECTransitGateway"} } }, "VPCMECPrvSubnetSGIRoute" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "DependsOn" : ["VPCMECVPCGiLANTransitGateway", "VPCMECSGITransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECPrvSubnetSGIRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCGiLANCIDR"}, "TransitGatewayId" : {"Ref" : "VPCMECVPCGiLANTransitGateway"} } }, "VPCGiLANPrvSubnetSGIRoute" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "DependsOn" : ["VPCMECVPCGiLANTransitGateway", "VPCGiLANSGITransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANPrvSubnetSGIRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCMECCIDR"}, "TransitGatewayId" : {"Ref" : "VPCMECVPCGiLANTransitGateway"} } }, "VPCGiLANPrvSubnetUENETRoute" : { "Condition" : "DeployVPCMECVPCGiLANTGW", "DependsOn" : ["VPCMECVPCGiLANTransitGateway", "VPCGiLANSGITransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCGiLANStack", "Outputs.VPCGiLANPrvSubnetSGIRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "UENETCIDR"}, "TransitGatewayId" : {"Ref" : "VPCMECVPCGiLANTransitGateway"} } }, "VPCMECPrvSubnetMgmtRoute" : { "Condition" : "DeployVPCMECVPCCPTGW", "DependsOn" : ["VPCMECVPCCPTransitGateway", "VPCMECMgmtTransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCMECStack", "Outputs.VPCMECPrvSubnetMgmtRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCCPCIDR"}, "TransitGatewayId" : {"Ref" : "VPCMECVPCCPTransitGateway"} } }, "VPCCPPrvSubnetMgmtRoute" : { "Condition" : "DeployVPCMECVPCCPTGW", "DependsOn" : ["VPCMECVPCCPTransitGateway", "VPCCPMgmtTransitGatewayAttachment"], "Type" : "AWS::EC2::Route", "Properties" : { "RouteTableId" : {"Fn::GetAtt": ["VPCCPStack", "Outputs.VPCCPPrvSubnetMgmtRouteTableID"]}, "DestinationCidrBlock" : {"Ref": "VPCMECCIDR"}, "TransitGatewayId" : {"Ref" : "VPCMECVPCCPTransitGateway"} } } } }