--- AWSTemplateFormatVersion: 2010-09-09 Description: Reference Architecture to host WordPress on AWS - Creates New VPC Metadata: Authors: Description: Darryl Osborne (darrylo@amazon.com) License: Description: 'Copyright 2018 Amazon.com, Inc. and its affiliates. All Rights Reserved. SPDX-License-Identifier: MIT-0' AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Amazon VPC Parameters Parameters: - NumberOfAZs - AvailabilityZones - VpcCidr - VpcTenancy - PublicSubnet0Cidr - PublicSubnet1Cidr - PublicSubnet2Cidr - PublicSubnet3Cidr - PublicSubnet4Cidr - PublicSubnet5Cidr - WebSubnet0Cidr - WebSubnet1Cidr - WebSubnet2Cidr - WebSubnet3Cidr - WebSubnet4Cidr - WebSubnet5Cidr - DataSubnet0Cidr - DataSubnet1Cidr - DataSubnet2Cidr - DataSubnet3Cidr - DataSubnet4Cidr - DataSubnet5Cidr ParameterLabels: AvailabilityZones: default: Availability Zones NumberOfAZs: default: Number of Availability Zones VpcCidr: default: VpcCidr VpcTenancy: default: VpcTenancy PublicSubnet0Cidr: default: Public Subnet 0 PublicSubnet1Cidr: default: Public Subnet 1 PublicSubnet2Cidr: default: Public Subnet 2 PublicSubnet3Cidr: default: Public Subnet 3 PublicSubnet4Cidr: default: Public Subnet 4 PublicSubnet5Cidr: default: Public Subnet 5 WebSubnet0Cidr: default: Web Subnet 0 WebSubnet1Cidr: default: Web Subnet 1 WebSubnet2Cidr: default: Web Subnet 2 WebSubnet3Cidr: default: Web Subnet 3 WebSubnet4Cidr: default: Web Subnet 4 WebSubnet5Cidr: default: Web Subnet 5 DataSubnet0Cidr: default: Data Subnet 0 DataSubnet1Cidr: default: Data Subnet 1 DataSubnet2Cidr: default: Data Subnet 2 DataSubnet3Cidr: default: Data Subnet 3 DataSubnet4Cidr: default: Data Subnet 4 DataSubnet5Cidr: default: Data Subnet 5 Parameters: AvailabilityZones: Description: 'List of Availability Zones to use for the subnets in the VPC. Note: The logical order is preserved.' Type: List NumberOfAZs: AllowedValues: - 2 - 3 - 4 - 5 - 6 Default: 3 Description: Number of Availability Zones to use in the VPC. This must match your selections in the list of Availability Zones parameter. Type: Number VpcCidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/16 Description: CIDR block for the VPC Type: String VpcTenancy: AllowedValues: - default - dedicated Default: default Description: The allowed tenancy of instances launched into the VPC Type: String DataSubnet0Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.100.0/24 Description: CIDR block for data subnet 0 located in Availability Zone 0 Type: String DataSubnet1Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.101.0/24 Description: CIDR block for data subnet 1 located in Availability Zone 1 Type: String DataSubnet2Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.102.0/24 Description: CIDR block for data subnet 2 located in Availability Zone 2 Type: String DataSubnet3Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.103.0/24 Description: CIDR block for data subnet 3 located in Availability Zone 3 Type: String DataSubnet4Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.104.0/24 Description: CIDR block for data subnet 4 located in Availability Zone 4 Type: String DataSubnet5Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.105.0/24 Description: CIDR block for data subnet 5 located in Availability Zone 5 Type: String PublicSubnet0Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.200.0/24 Description: CIDR block for Public subnet 0 located in Availability Zone 0 Type: String PublicSubnet1Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.201.0/24 Description: CIDR block for Public subnet 1 located in Availability Zone 1 Type: String PublicSubnet2Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.202.0/24 Description: CIDR block for Public subnet 2 located in Availability Zone 2 Type: String PublicSubnet3Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.203.0/24 Description: CIDR block for Public subnet 3 located in Availability Zone 3 Type: String PublicSubnet4Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.204.0/24 Description: CIDR block for Public subnet 4 located in Availability Zone 4 Type: String PublicSubnet5Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.205.0/24 Description: CIDR block for Public subnet 5 located in Availability Zone 5 Type: String WebSubnet0Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/22 Description: CIDR block for Web subnet 0 located in Availability Zone 0 Type: String WebSubnet1Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.4.0/22 Description: CIDR block for Web subnet 1 located in Availability Zone 1 Type: String WebSubnet2Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.8.0/22 Description: CIDR block for Web subnet 2 located in Availability Zone 2 Type: String WebSubnet3Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.12.0/22 Description: CIDR block for Web subnet 3 located in Availability Zone 3 Type: String WebSubnet4Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.16.0/22 Description: CIDR block for Web subnet 4 located in Availability Zone 4 Type: String WebSubnet5Cidr: AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$" ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.20.0/22 Description: CIDR block for Web subnet 5 located in Availability Zone 5 Type: String Conditions: NumberOfAZs1: !Equals [ '1', !Ref NumberOfAZs ] NumberOfAZs2: !Equals [ '2', !Ref NumberOfAZs ] NumberOfAZs3: !Equals [ '3', !Ref NumberOfAZs ] NumberOfAZs4: !Equals [ '4', !Ref NumberOfAZs ] NumberOfAZs5: !Equals [ '5', !Ref NumberOfAZs ] NumberOfAZs6: !Equals [ '6', !Ref NumberOfAZs ] AZ0: !Or - !Condition NumberOfAZs1 - !Condition NumberOfAZs2 - !Condition NumberOfAZs3 - !Condition NumberOfAZs4 - !Condition NumberOfAZs5 - !Condition NumberOfAZs6 AZ1: !Or - !Condition NumberOfAZs2 - !Condition NumberOfAZs3 - !Condition NumberOfAZs4 - !Condition NumberOfAZs5 - !Condition NumberOfAZs6 AZ2: !Or - !Condition NumberOfAZs3 - !Condition NumberOfAZs4 - !Condition NumberOfAZs5 - !Condition NumberOfAZs6 AZ3: !Or - !Condition NumberOfAZs4 - !Condition NumberOfAZs5 - !Condition NumberOfAZs6 AZ4: !Or - !Condition NumberOfAZs5 - !Condition NumberOfAZs6 AZ5: !Condition NumberOfAZs6 Resources: WebSubnet0: Condition: AZ0 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 0, !Ref AvailabilityZones ] CidrBlock: !Ref WebSubnet0Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'WebSubnet0 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc WebSubnet1: Condition: AZ1 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 1, !Ref AvailabilityZones ] CidrBlock: !Ref WebSubnet1Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'WebSubnet1 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc WebSubnet2: Condition: AZ2 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 2, !Ref AvailabilityZones ] CidrBlock: !Ref WebSubnet2Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'WebSubnet2 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc WebSubnet3: Condition: AZ3 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 3, !Ref AvailabilityZones ] CidrBlock: !Ref WebSubnet3Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'WebSubnet3 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc WebSubnet4: Condition: AZ4 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 4, !Ref AvailabilityZones ] CidrBlock: !Ref WebSubnet4Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'WebSubnet4 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc WebSubnet5: Condition: AZ5 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 5, !Ref AvailabilityZones ] CidrBlock: !Ref WebSubnet5Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'WebSubnet5 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc WebSubnetRouteTableAssociation0: Condition: AZ0 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable0 SubnetId: !Ref WebSubnet0 WebSubnetRouteTableAssociation1: Condition: AZ1 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable1 SubnetId: !Ref WebSubnet1 WebSubnetRouteTableAssociation2: Condition: AZ2 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable2 SubnetId: !Ref WebSubnet2 WebSubnetRouteTableAssociation3: Condition: AZ3 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable3 SubnetId: !Ref WebSubnet3 WebSubnetRouteTableAssociation4: Condition: AZ4 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable4 SubnetId: !Ref WebSubnet4 WebSubnetRouteTableAssociation5: Condition: AZ5 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable5 SubnetId: !Ref WebSubnet5 DataSubnet0: Condition: AZ0 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 0, !Ref AvailabilityZones ] CidrBlock: !Ref DataSubnet0Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'DataSubnet0 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc DataSubnet1: Condition: AZ1 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 1, !Ref AvailabilityZones ] CidrBlock: !Ref DataSubnet1Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'DataSubnet1 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc DataSubnet2: Condition: AZ2 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 2, !Ref AvailabilityZones ] CidrBlock: !Ref DataSubnet2Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'DataSubnet2 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc DataSubnet3: Condition: AZ3 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 3, !Ref AvailabilityZones ] CidrBlock: !Ref DataSubnet3Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'DataSubnet3 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc DataSubnet4: Condition: AZ4 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 4, !Ref AvailabilityZones ] CidrBlock: !Ref DataSubnet4Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'DataSubnet4 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc DataSubnet5: Condition: AZ5 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 5, !Ref AvailabilityZones ] CidrBlock: !Ref DataSubnet5Cidr MapPublicIpOnLaunch: false Tags: - Key: Name Value: !Join [ '', [ 'DataSubnet5 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Private VpcId: !Ref Vpc DataSubnetRouteTableAssociation0: Condition: AZ0 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable0 SubnetId: !Ref DataSubnet0 DataSubnetRouteTableAssociation1: Condition: AZ1 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable1 SubnetId: !Ref DataSubnet1 DataSubnetRouteTableAssociation2: Condition: AZ2 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable2 SubnetId: !Ref DataSubnet2 DataSubnetRouteTableAssociation3: Condition: AZ3 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable3 SubnetId: !Ref DataSubnet3 DataSubnetRouteTableAssociation4: Condition: AZ4 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable4 SubnetId: !Ref DataSubnet4 DataSubnetRouteTableAssociation5: Condition: AZ5 Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: !Ref NatRouteTable5 SubnetId: !Ref DataSubnet5 InternetGateway: Type: AWS::EC2::InternetGateway Properties: Tags: - Key: Name Value: !Join [ '', [ 'InternetGateway / ', !Ref 'AWS::StackName' ] ] AttachInternetGateway: Type: AWS::EC2::VPCGatewayAttachment Properties: InternetGatewayId: !Ref InternetGateway VpcId: !Ref Vpc NatEIP0: Condition: AZ0 Type: AWS::EC2::EIP Properties: Domain: vpc NatGateway0: Condition: AZ0 Type: AWS::EC2::NatGateway DependsOn: AttachInternetGateway Properties: AllocationId: !GetAtt NatEIP0.AllocationId SubnetId: !Ref PublicSubnet0 NatRoute0: Condition: AZ0 Type: AWS::EC2::Route Properties: RouteTableId: !Ref NatRouteTable0 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway0 NatRouteTable0: Condition: AZ0 Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', ['NatRouteTable0 / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc NatEIP1: Condition: AZ1 Type: AWS::EC2::EIP Properties: Domain: vpc NatGateway1: Condition: AZ1 Type: AWS::EC2::NatGateway DependsOn: AttachInternetGateway Properties: AllocationId: !GetAtt NatEIP1.AllocationId SubnetId: !Ref PublicSubnet1 NatRoute1: Condition: AZ1 Type: AWS::EC2::Route Properties: RouteTableId: !Ref NatRouteTable1 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway1 NatRouteTable1: Condition: AZ1 Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', [ 'NatRouteTable1 / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc NatEIP2: Condition: AZ2 Type: AWS::EC2::EIP Properties: Domain: vpc NatGateway2: Condition: AZ2 Type: AWS::EC2::NatGateway DependsOn: AttachInternetGateway Properties: AllocationId: !GetAtt NatEIP2.AllocationId SubnetId: !Ref PublicSubnet2 NatRoute2: Condition: AZ2 Type: AWS::EC2::Route Properties: RouteTableId: !Ref NatRouteTable2 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway2 NatRouteTable2: Condition: AZ2 Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', [ 'NatRouteTable2 / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc NatEIP3: Condition: AZ3 Type: AWS::EC2::EIP Properties: Domain: vpc NatGateway3: Condition: AZ3 Type: AWS::EC2::NatGateway DependsOn: AttachInternetGateway Properties: AllocationId: !GetAtt NatEIP3.AllocationId SubnetId: !Ref PublicSubnet3 NatRoute3: Condition: AZ3 Type: AWS::EC2::Route Properties: RouteTableId: !Ref NatRouteTable3 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway3 NatRouteTable3: Condition: AZ3 Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', [ 'NatRouteTable3 / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc NatEIP4: Condition: AZ4 Type: AWS::EC2::EIP Properties: Domain: vpc NatGateway4: Condition: AZ4 Type: AWS::EC2::NatGateway DependsOn: AttachInternetGateway Properties: AllocationId: !GetAtt NatEIP4.AllocationId SubnetId: !Ref PublicSubnet4 NatRoute4: Condition: AZ4 Type: AWS::EC2::Route Properties: RouteTableId: !Ref NatRouteTable4 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway4 NatRouteTable4: Condition: AZ4 Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', [ 'NatRouteTable4 / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc NatEIP5: Condition: AZ5 Type: AWS::EC2::EIP Properties: Domain: vpc NatGateway5: Condition: AZ5 Type: AWS::EC2::NatGateway DependsOn: AttachInternetGateway Properties: AllocationId: !GetAtt NatEIP5.AllocationId SubnetId: !Ref PublicSubnet5 NatRoute5: Condition: AZ5 Type: AWS::EC2::Route Properties: RouteTableId: !Ref NatRouteTable5 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway5 NatRouteTable5: Condition: AZ5 Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', [ 'NatRouteTable5 / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc PublicRoute: Type: AWS::EC2::Route DependsOn: AttachInternetGateway Properties: RouteTableId: !Ref PublicRouteTable DestinationCidrBlock: 0.0.0.0/0 GatewayId: !Ref InternetGateway PublicRouteTable: Type: AWS::EC2::RouteTable Properties: Tags: - Key: Name Value: !Join [ '', [ 'PublicRouteTable / ', !Ref 'AWS::StackName' ] ] - Key: Network Value: Public VpcId: !Ref Vpc PublicRouteTableAssociation0: Condition: AZ0 Type: AWS::EC2::SubnetRouteTableAssociation Properties: SubnetId: !Ref PublicSubnet0 RouteTableId: !Ref PublicRouteTable PublicRouteTableAssociation1: Condition: AZ1 Type: AWS::EC2::SubnetRouteTableAssociation Properties: SubnetId: !Ref PublicSubnet1 RouteTableId: !Ref PublicRouteTable PublicRouteTableAssociation2: Condition: AZ2 Type: AWS::EC2::SubnetRouteTableAssociation Properties: SubnetId: !Ref PublicSubnet2 RouteTableId: !Ref PublicRouteTable PublicRouteTableAssociation3: Condition: AZ3 Type: AWS::EC2::SubnetRouteTableAssociation Properties: SubnetId: !Ref PublicSubnet3 RouteTableId: !Ref PublicRouteTable PublicRouteTableAssociation4: Condition: AZ4 Type: AWS::EC2::SubnetRouteTableAssociation Properties: SubnetId: !Ref PublicSubnet4 RouteTableId: !Ref PublicRouteTable PublicRouteTableAssociation5: Condition: AZ5 Type: AWS::EC2::SubnetRouteTableAssociation Properties: SubnetId: !Ref PublicSubnet5 RouteTableId: !Ref PublicRouteTable PublicSubnet0: Condition: AZ0 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 0, !Ref AvailabilityZones ] CidrBlock: !Ref PublicSubnet0Cidr MapPublicIpOnLaunch: true Tags: - Key: Name Value: !Join [ '', [ 'PublicSubnet0 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Public VpcId: !Ref Vpc PublicSubnet1: Condition: AZ1 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 1, !Ref AvailabilityZones ] CidrBlock: !Ref PublicSubnet1Cidr MapPublicIpOnLaunch: true Tags: - Key: Name Value: !Join [ '', [ 'PublicSubnet1 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Public VpcId: !Ref Vpc PublicSubnet2: Condition: AZ2 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 2, !Ref AvailabilityZones ] CidrBlock: !Ref PublicSubnet2Cidr MapPublicIpOnLaunch: true Tags: - Key: Name Value: !Join [ '', [ 'PublicSubnet2 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Public VpcId: !Ref Vpc PublicSubnet3: Condition: AZ3 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 3, !Ref AvailabilityZones ] CidrBlock: !Ref PublicSubnet3Cidr MapPublicIpOnLaunch: true Tags: - Key: Name Value: !Join [ '', [ 'PublicSubnet3 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Public VpcId: !Ref Vpc PublicSubnet4: Condition: AZ4 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 4, !Ref AvailabilityZones ] CidrBlock: !Ref PublicSubnet4Cidr MapPublicIpOnLaunch: true Tags: - Key: Name Value: !Join [ '', [ 'PublicSubnet4 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Public VpcId: !Ref Vpc PublicSubnet5: Condition: AZ5 Type: AWS::EC2::Subnet Properties: AvailabilityZone: !Select [ 5, !Ref AvailabilityZones ] CidrBlock: !Ref PublicSubnet5Cidr MapPublicIpOnLaunch: true Tags: - Key: Name Value: !Join [ '', [ 'PublicSubnet5 / ', !Ref 'AWS::StackName' ] ] - Key: SubnetType Value: Public VpcId: !Ref Vpc Vpc: Type: AWS::EC2::VPC Properties: CidrBlock: !Ref VpcCidr EnableDnsHostnames: true EnableDnsSupport: true Tags: - Key: Name Value: !Join [ '', [ 'Vpc / ', !Ref 'AWS::StackName' ] ] VpcFlowLog: Type: AWS::EC2::FlowLog Properties: DeliverLogsPermissionArn: !GetAtt VpcFlowLogsRole.Arn LogGroupName: !Join [ '', [ !Ref 'AWS::StackName', '-FlowLog' ] ] ResourceId: !Ref Vpc ResourceType: VPC TrafficType: ALL VpcFlowLogsLogGroup: Type: AWS::Logs::LogGroup VpcFlowLogsRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Action: - sts:AssumeRole Effect: Allow Principal: Service: - vpc-flow-logs.amazonaws.com Path: '/' Policies: - PolicyName: root PolicyDocument: Version: 2012-10-17 Statement: - Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:DescribeLogGroups - logs:DescribeLogStreams - logs:PutLogEvents Effect: Allow Resource: '*' Outputs: Vpc: Value: !Ref Vpc VpcCidr: Value: !Ref VpcCidr PublicSubnet0: Condition: AZ0 Value: !Ref PublicSubnet0 PublicSubnet1: Condition: AZ1 Value: !Ref PublicSubnet1 PublicSubnet2: Condition: AZ2 Value: !Ref PublicSubnet2 PublicSubnet3: Condition: AZ3 Value: !Ref PublicSubnet3 PublicSubnet4: Condition: AZ4 Value: !Ref PublicSubnet4 PublicSubnet5: Condition: AZ5 Value: !Ref PublicSubnet5 WebSubnet0: Condition: AZ0 Value: !Ref WebSubnet0 WebSubnet1: Condition: AZ1 Value: !Ref WebSubnet1 WebSubnet2: Condition: AZ2 Value: !Ref WebSubnet2 WebSubnet3: Condition: AZ3 Value: !Ref WebSubnet3 WebSubnet4: Condition: AZ4 Value: !Ref WebSubnet4 WebSubnet5: Condition: AZ5 Value: !Ref WebSubnet5 DataSubnet0: Condition: AZ0 Value: !Ref DataSubnet0 DataSubnet1: Condition: AZ1 Value: !Ref DataSubnet1 DataSubnet2: Condition: AZ2 Value: !Ref DataSubnet2 DataSubnet3: Condition: AZ3 Value: !Ref DataSubnet3 DataSubnet4: Condition: AZ4 Value: !Ref DataSubnet4 DataSubnet5: Condition: AZ5 Value: !Ref DataSubnet5 DataSubnet: Value: !If [ NumberOfAZs1, !Ref DataSubnet0, !If [ NumberOfAZs2, !Join [ ',', [ !Ref DataSubnet0, !Ref DataSubnet1 ] ], !If [ NumberOfAZs3, !Join [ ',', [ !Ref DataSubnet0, !Ref DataSubnet1, !Ref DataSubnet2 ] ], !If [ NumberOfAZs4, !Join [ ',', [ !Ref DataSubnet0, !Ref DataSubnet1, !Ref DataSubnet2, !Ref DataSubnet3 ] ], !If [ NumberOfAZs5, !Join [ ',', [ !Ref DataSubnet0, !Ref DataSubnet1, !Ref DataSubnet2, !Ref DataSubnet3, !Ref DataSubnet4 ] ], !Join [ ',', [ !Ref DataSubnet0, !Ref DataSubnet1, !Ref DataSubnet2, !Ref DataSubnet3, !Ref DataSubnet4, !Ref DataSubnet5 ] ] ] ] ] ] ] WebSubnet: Value: !If [ NumberOfAZs1, !Ref WebSubnet0, !If [ NumberOfAZs2, !Join [ ',', [ !Ref WebSubnet0, !Ref WebSubnet1 ] ], !If [ NumberOfAZs3, !Join [ ',', [ !Ref WebSubnet0, !Ref WebSubnet1, !Ref WebSubnet2 ] ], !If [ NumberOfAZs4, !Join [ ',', [ !Ref WebSubnet0, !Ref WebSubnet1, !Ref WebSubnet2, !Ref WebSubnet3 ] ], !If [ NumberOfAZs5, !Join [ ',', [ !Ref WebSubnet0, !Ref WebSubnet1, !Ref WebSubnet2, !Ref WebSubnet3, !Ref WebSubnet4 ] ], !Join [ ',', [ !Ref WebSubnet0, !Ref WebSubnet1, !Ref WebSubnet2, !Ref WebSubnet3, !Ref WebSubnet4, !Ref WebSubnet5 ] ] ] ] ] ] ] PublicSubnet: Value: !If [ NumberOfAZs1, !Ref PublicSubnet0, !If [ NumberOfAZs2, !Join [ ',', [ !Ref PublicSubnet0, !Ref PublicSubnet1 ] ], !If [ NumberOfAZs3, !Join [ ',', [ !Ref PublicSubnet0, !Ref PublicSubnet1, !Ref PublicSubnet2 ] ], !If [ NumberOfAZs4, !Join [ ',', [ !Ref PublicSubnet0, !Ref PublicSubnet1, !Ref PublicSubnet2, !Ref PublicSubnet3 ] ], !If [ NumberOfAZs5, !Join [ ',', [ !Ref PublicSubnet0, !Ref PublicSubnet1, !Ref PublicSubnet2, !Ref PublicSubnet3, !Ref PublicSubnet4 ] ], !Join [ ',', [ !Ref PublicSubnet0, !Ref PublicSubnet1, !Ref PublicSubnet2, !Ref PublicSubnet3, !Ref PublicSubnet4, !Ref PublicSubnet5 ] ] ] ] ] ] ]