AWSTemplateFormatVersion: 2010-09-09
Description: Creating infrastructure Resources

Resources:
  # Network: one /24 VPC split into four /26 subnets (two private, two public),
  # spread across the first two Availability Zones of the deployment region.
  VPC:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: 10.0.0.0/24

  PrivateSubnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.0/26
      AvailabilityZone: !Select [0, !GetAZs ""]

  PrivateSubnet2:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.64/26
      AvailabilityZone: !Select [1, !GetAZs ""]

  PublicSubnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.128/26
      AvailabilityZone: !Select [0, !GetAZs ""]

  PublicSubnet2:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.192/26
      AvailabilityZone: !Select [1, !GetAZs ""]

  # Internet Gateway for the public subnets.
  InternetGateway:
    Type: 'AWS::EC2::InternetGateway'

  GatewayAttachment:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  # Default route for the public route table via the Internet Gateway.
  # DependsOn is required: a route to an IGW can only be created after the
  # gateway is attached to the VPC, and CloudFormation does not infer that
  # ordering from the !Ref alone.
  RouteIGW:
    Type: AWS::EC2::Route
    DependsOn: GatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  # One NAT Gateway per AZ so each private subnet has an AZ-local egress path.
  NAT1:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt EIP1.AllocationId
      SubnetId: !Ref PublicSubnet1

  # An EIP in a VPC defined in the same template must depend on the
  # gateway attachment (documented CloudFormation requirement).
  EIP1:
    Type: AWS::EC2::EIP
    DependsOn: GatewayAttachment
    Properties:
      Domain: vpc

  Route1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NAT1

  NAT2:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt EIP2.AllocationId
      SubnetId: !Ref PublicSubnet2

  EIP2:
    Type: AWS::EC2::EIP
    DependsOn: GatewayAttachment
    Properties:
      Domain: vpc

  Route2:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NAT2

  # Route tables: one shared by both public subnets, one per private subnet
  # (each private table points at the NAT Gateway in its own AZ).
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  PrivateRouteTable2:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  RouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable

  RouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet2
      RouteTableId: !Ref PublicRouteTable

  RouteTableAssociation3:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable1

  RouteTableAssociation4:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet2
      RouteTableId: !Ref PrivateRouteTable2

  ECSCluster:
    Type: AWS::ECS::Cluster

  # Load balancers. Note that this template defines no listeners or target
  # groups for either ALB; those are expected to be created elsewhere.
  # Internet-facing ALB in the public subnets, reachable on port 80 only.
  ALBPublic:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: internet-facing
      SecurityGroups:
        - !GetAtt SecurityGroupPublic.GroupId
      Subnets:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2

  # Internal ALB in the private subnets, shares the web application's
  # security group so only group members can reach it.
  ALBPrivate:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Scheme: internal
      SecurityGroups:
        - !GetAtt SecurityGroupWebapp.GroupId
      Subnets:
        - !Ref PrivateSubnet1
        - !Ref PrivateSubnet2

  # Security group for the public ALB: HTTP (tcp/80) from anywhere.
  SecurityGroupPublic:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: ALBPublic
      GroupDescription: AllowWebTraffic
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0

  # Security group for the web application tier. Its ingress rules are
  # declared as separate resources because one of them references the group
  # itself, which cannot be expressed inline without a circular dependency.
  SecurityGroupWebapp:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: WebAppSecurityGroup
      GroupDescription: WebAppSecurityGroupRules
      VpcId: !Ref VPC

  # tcp/8080 into the webapp group, only from the public ALB's group.
  IngressRuleWebapp:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      IpProtocol: tcp
      FromPort: 8080
      ToPort: 8080
      SourceSecurityGroupId: !GetAtt SecurityGroupPublic.GroupId
      GroupId: !GetAtt SecurityGroupWebapp.GroupId

  # tcp/8081-8082 between members of the webapp group (self-referencing rule),
  # e.g. service-to-service traffic via the internal ALB.
  IngressRuleWebapp001:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      IpProtocol: tcp
      FromPort: 8081
      ToPort: 8082
      SourceSecurityGroupId: !GetAtt SecurityGroupWebapp.GroupId
      GroupId: !GetAtt SecurityGroupWebapp.GroupId

Outputs:
  ECSCluster:
    Value: !Ref ECSCluster
  VPC:
    Value: !Ref VPC
  PrivateSubnet1:
    Value: !Ref PrivateSubnet1
  PrivateSubnet2:
    Value: !Ref PrivateSubnet2
  PublicSubnet1:
    Value: !Ref PublicSubnet1
  PublicSubnet2:
    Value: !Ref PublicSubnet2
  ALBPublic:
    Value: !Ref ALBPublic
  ALBPrivate:
    Value: !Ref ALBPrivate
  ALBPublicCNAME:
    Value: !GetAtt ALBPublic.DNSName
  ALBPrivateCNAME:
    Value: !GetAtt ALBPrivate.DNSName
  SecurityGroupWebapp:
    Value: !GetAtt SecurityGroupWebapp.GroupId