AWSTemplateFormatVersion: 2010-09-09

Description: >-
  This template deploys a VPC, with a public and a private subnet.
  It deploys an internet gateway, with a default route on the public subnet.
  It deploys a NAT gateway, and default routes for it in the private subnet.
  In addition it creates the ParallelCluster additional policies required
  to tag the instances.

Parameters:
  EnvironmentName:
    Description: An environment name that is prefixed to resource names
    Type: String

  VpcCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: 10.0.0.0/16

  PublicSubnetCIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet
    Type: String
    Default: 10.0.0.0/24

  PrivateSubnetCIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet
    Type: String
    Default: 10.0.1.0/24

Resources:
  # Additional IAM policy for ParallelCluster instances: tag management and
  # read-only access to budgets. Because ManagedPolicyName is fixed, the stack
  # must be created with CAPABILITY_NAMED_IAM.
  pclusterManageTags:
    Type: 'AWS::IAM::ManagedPolicy'
    Properties:
      ManagedPolicyName: pclusterTagsAndBudget
      Path: /
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          # ec2:DescribeTags only works with Resource '*'. CreateTags and
          # DeleteTags on '*' allow tagging any EC2 resource in the account;
          # they can be narrowed with resource ARNs or condition keys.
          - Effect: Allow
            Action:
              - 'ec2:DeleteTags'
              - 'ec2:DescribeTags'
              - 'ec2:CreateTags'
            Resource: '*'
          - Effect: Allow
            Action:
              - 'budgets:ViewBudget'
            Resource: 'arn:aws:budgets::*:budget/*'

  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Ref EnvironmentName

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Ref EnvironmentName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  # Public subnet: instances launched here receive a public IP address.
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Ref PublicSubnetCIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Subnet

  # Private subnet: no public IPs; outbound traffic leaves through the NAT gateway.
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Ref PrivateSubnetCIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Private Subnet

  NatGatewayEIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  # The NAT gateway sits in the public subnet and serves the private subnet.
  NatGateway:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGatewayEIP.AllocationId
      SubnetId: !Ref PublicSubnet

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Routes

  # Default route for the public subnet: straight to the internet gateway.
  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Private Routes

  # Default route for the private subnet: outbound only, via the NAT gateway.
  DefaultPrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway

  PrivateSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnet

Outputs:
  VPC:
    Description: A reference to the created VPC
    Value: !Ref VPC

  PublicSubnets:
    Description: Public Subnet
    Value: !Ref PublicSubnet

  PrivateSubnet:
    Description: Private Subnet
    Value: !Ref PrivateSubnet

  PclusterPolicy:
    Description: PclusterPolicy
    Value: !Sub ${pclusterManageTags}