AWSTemplateFormatVersion: '2010-09-09' Description: > Well Architected Operational Excellence Lab Parameters: Cloud9CidrBlock: Description: The CIDR block range for your Cloud9 IDE VPC Type: String Default: 10.43.0.0/28 GitRepositoryURL: Description: The Git repository URL for the project we are cloning Type: String Default: https://github.com/awslabs/aws-well-architected-labs.git Resources: #------------------------------------------------------------ # Create a VPC with a public and private subnet #------------------------------------------------------------ VPC: Type: 'AWS::EC2::VPC' Properties: CidrBlock: 172.31.0.0/16 Tags: - Key: Name Value: !Sub "${AWS::StackName}-VPC" EnableDnsHostnames: true EnableDnsSupport: true PublicSubnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Select - '0' - !GetAZs '' CidrBlock: 172.31.1.0/24 MapPublicIpOnLaunch: true PublicSubnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Select - '1' - !GetAZs '' CidrBlock: 172.31.3.0/24 MapPublicIpOnLaunch: true PrivateSubnet1: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Select - '0' - !GetAZs '' CidrBlock: 172.31.2.0/24 MapPublicIpOnLaunch: false PrivateSubnet2: Type: 'AWS::EC2::Subnet' Properties: VpcId: !Ref VPC AvailabilityZone: !Select - '1' - !GetAZs '' CidrBlock: 172.31.4.0/24 MapPublicIpOnLaunch: false #------------------------------------------------------------- # Create an IGW and attach to the created VPC # Create a NAT GW with an associated public IP address. #------------------------------------------------------------- IGW: Type: AWS::EC2::InternetGateway Properties: Tags: - Key: Name Value: !Sub "${AWS::StackName}-InternetGateway" IGWAttach: Type: AWS::EC2::VPCGatewayAttachment Properties: VpcId: !Ref VPC InternetGatewayId: !Ref IGW NatGateway: Type: "AWS::EC2::NatGateway" DependsOn: NatPublicIP Properties: AllocationId: !GetAtt NatPublicIP.AllocationId SubnetId: !Ref PublicSubnet1 NatPublicIP: Type: "AWS::EC2::EIP" DependsOn: VPC Properties: Domain: vpc #------------------------------------------------------------- # Create public route table and attach to the public subnets #------------------------------------------------------------- PublicRouteTable1: Type: 'AWS::EC2::RouteTable' Properties: VpcId: !Ref VPC Tags: - Key: Name Value: !Sub "${AWS::StackName}-Public-RouteTable1" PublicRouteTable2: Type: 'AWS::EC2::RouteTable' Properties: VpcId: !Ref VPC Tags: - Key: Name Value: !Sub "${AWS::StackName}-Public-RouteTable2" PublicRoute1: Type: 'AWS::EC2::Route' DependsOn: - IGW - IGWAttach Properties: RouteTableId: !Ref PublicRouteTable1 DestinationCidrBlock: 0.0.0.0/0 GatewayId: !Ref IGW PublicRoute2: Type: 'AWS::EC2::Route' DependsOn: - IGW - IGWAttach Properties: RouteTableId: !Ref PublicRouteTable2 DestinationCidrBlock: 0.0.0.0/0 GatewayId: !Ref IGW PublicSubnet1RouteTableAssociation1: Type: 'AWS::EC2::SubnetRouteTableAssociation' Properties: SubnetId: !Ref PublicSubnet1 RouteTableId: !Ref PublicRouteTable1 PublicSubnet1RouteTableAssociation2: Type: 'AWS::EC2::SubnetRouteTableAssociation' Properties: SubnetId: !Ref PublicSubnet2 RouteTableId: !Ref PublicRouteTable2 #------------------------------------------------------------- # Create public route table and attach to the public subnets #------------------------------------------------------------- PrivateRouteTable1: Type: 'AWS::EC2::RouteTable' Properties: VpcId: !Ref VPC PrivateRouteTable2: Type: 'AWS::EC2::RouteTable' Properties: VpcId: !Ref VPC PrivateRoute1: Type: 'AWS::EC2::Route' DependsOn: IGW Properties: RouteTableId: !Ref PrivateRouteTable1 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway PrivateRoute2: Type: 'AWS::EC2::Route' DependsOn: IGW Properties: RouteTableId: !Ref PrivateRouteTable2 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: !Ref NatGateway PrivateSubnet1RouteTableAssociation1: Type: 'AWS::EC2::SubnetRouteTableAssociation' Properties: SubnetId: !Ref PrivateSubnet1 RouteTableId: !Ref PrivateRouteTable1 PrivateSubnet1RouteTableAssociation2: Type: 'AWS::EC2::SubnetRouteTableAssociation' Properties: SubnetId: !Ref PrivateSubnet2 RouteTableId: !Ref PrivateRouteTable2 # ------------------ # ECR Repository # ------------------ AppContainerRepository: Type: AWS::ECR::Repository Properties: RepositoryName: walab-ops-sample-application Cloud9: Type: AWS::Cloud9::EnvironmentEC2 Properties: AutomaticStopTimeMinutes: 30 Description: Well Architected Operational Excellence lab workspace InstanceType: t2.small ImageId: amazonlinux-2-x86_64 Name: !Sub "WellArchitectedOps-${AWS::StackName}" Repositories: - PathComponent: /aws-well-architected-labs RepositoryUrl: !Ref GitRepositoryURL SubnetId: !Ref PublicSubnet1 Outputs: Cloud9DevEnvUrl: Description: Cloud9 Development Environment Value: !Sub "https://${AWS::Region}.console.aws.amazon.com/cloud9/ide/${Cloud9}" Outputs: OutputVPC: Description: Baseline VPC Value: !Ref VPC Export: Name: !Sub "${AWS::StackName}-VpcId" OutputVPCCidrBlock: Description: Baseline VPC Cidr Block Value: !GetAtt VPC.CidrBlock Export: Name: !Sub "${AWS::StackName}-VpcCidrBlock" OutputPublicSubnet1: Description: Public Subnet 1 VPC Value: !Ref PublicSubnet1 Export: Name: !Sub "${AWS::StackName}-PublicSubnet1" OutputPublicSubnet2: Description: Public Subnet 2 VPC Value: !Ref PublicSubnet2 Export: Name: !Sub "${AWS::StackName}-PublicSubnet2" OutputPrivateSubnet1: Description: Private Subnet 1 VPC Value: !Ref PrivateSubnet1 Export: Name: !Sub "${AWS::StackName}-PrivateSubnet1" OutputPrivateSubnet2: Description: Private Subnet 2 VPC Value: !Ref PrivateSubnet2 Export: Name: !Sub "${AWS::StackName}-PrivateSubnet2" OutputAppContainerRepository: Description: Applicaton ECR Repository Value: !Ref AppContainerRepository Export: Name: !Sub "${AWS::StackName}-AppContainerRepository"