{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "DEPRECATED: This template has been deprecated in favor of the 'aws-vpc.template.yaml`, and is no longer being maintained. This template creates a Multi-AZ, multi-subnet VPC infrastructure with managed NAT gateways in the public subnet for each Availability Zone. You can also create additional private subnets with dedicated custom network access control lists (ACLs). If you deploy the Quick Start in a region that doesn't support NAT gateways, NAT instances are deployed instead. **WARNING** This template creates AWS resources. You will be billed for the AWS resources used if you create a stack from this template. (qs-1qnnspaap)", "Metadata": { "AWS::CloudFormation::Interface": { "ParameterGroups": [ { "Label": { "default": "Availability Zone Configuration" }, "Parameters": [ "AvailabilityZones", "NumberOfAZs" ] }, { "Label": { "default": "Network Configuration" }, "Parameters": [ "VPCCIDR", "PublicSubnet1CIDR", "PublicSubnet2CIDR", "PublicSubnet3CIDR", "PublicSubnet4CIDR", "PublicSubnetTag1", "PublicSubnetTag2", "PublicSubnetTag3", "CreatePrivateSubnets", "PrivateSubnet1ACIDR", "PrivateSubnet2ACIDR", "PrivateSubnet3ACIDR", "PrivateSubnet4ACIDR", "PrivateSubnetATag1", "PrivateSubnetATag2", "PrivateSubnetATag3", "CreateAdditionalPrivateSubnets", "PrivateSubnet1BCIDR", "PrivateSubnet2BCIDR", "PrivateSubnet3BCIDR", "PrivateSubnet4BCIDR", "PrivateSubnetBTag1", "PrivateSubnetBTag2", "PrivateSubnetBTag3", "VPCTenancy" ] }, { "Label": { "default": "Deprecated: NAT Instance Configuration" }, "Parameters": [ "KeyPairName", "NATInstanceType" ] } ], "ParameterLabels": { "AvailabilityZones": { "default": "Availability Zones" }, "CreateAdditionalPrivateSubnets": { "default": "Create additional private subnets with dedicated network ACLs" }, "CreatePrivateSubnets": { "default": "Create private subnets" }, "KeyPairName": { "default": "Deprecated: Key pair name" }, "NATInstanceType": { "default": "Deprecated: NAT instance type" }, "NumberOfAZs": { "default": "Number of Availability Zones" }, "PrivateSubnet1ACIDR": { "default": "Private subnet 1A CIDR" }, "PrivateSubnet1BCIDR": { "default": "Private subnet 1B with dedicated network ACL CIDR" }, "PrivateSubnet2ACIDR": { "default": "Private subnet 2A CIDR" }, "PrivateSubnet2BCIDR": { "default": "Private subnet 2B with dedicated network ACL CIDR" }, "PrivateSubnet3ACIDR": { "default": "Private subnet 3A CIDR" }, "PrivateSubnet3BCIDR": { "default": "Private subnet 3B with dedicated network ACL CIDR" }, "PrivateSubnet4ACIDR": { "default": "Private subnet 4A CIDR" }, "PrivateSubnet4BCIDR": { "default": "Private subnet 4B with dedicated network ACL CIDR" }, "PrivateSubnetATag1": { "default": "Tag for Private A Subnets" }, "PrivateSubnetATag2": { "default": "Tag for Private A Subnets" }, "PrivateSubnetATag3": { "default": "Tag for Private A Subnets" }, "PrivateSubnetBTag1": { "default": "Tag for Private B Subnets" }, "PrivateSubnetBTag2": { "default": "Tag for Private B Subnets" }, "PrivateSubnetBTag3": { "default": "Tag for Private B Subnets" }, "PublicSubnet1CIDR": { "default": "Public subnet 1 CIDR" }, "PublicSubnet2CIDR": { "default": "Public subnet 2 CIDR" }, "PublicSubnet3CIDR": { "default": "Public subnet 3 CIDR" }, "PublicSubnet4CIDR": { "default": "Public subnet 4 CIDR" }, "PublicSubnetTag1": { "default": "Tag for Public Subnets" }, "PublicSubnetTag2": { "default": "Tag for Public Subnets" }, "PublicSubnetTag3": { "default": "Tag for Public Subnets" }, "VPCCIDR": { "default": "VPC CIDR" }, "VPCTenancy": { "default": "VPC Tenancy" } } } }, "Parameters": { "AvailabilityZones": { "Description": "List of Availability Zones to use for the subnets in the VPC. Note: The logical order is preserved.", "Type": "List" }, "CreateAdditionalPrivateSubnets": { "AllowedValues": [ "true", "false" ], "Default": "false", "Description": "Set to true to create a network ACL protected subnet in each Availability Zone. If false, the CIDR parameters for those subnets will be ignored. If true, it also requires that the 'Create private subnets' parameter is also true to have any effect.", "Type": "String" }, "CreatePrivateSubnets": { "AllowedValues": [ "true", "false" ], "Default": "true", "Description": "Set to false to create only public subnets. If false, the CIDR parameters for ALL private subnets will be ignored.", "Type": "String" }, "KeyPairName": { "Description": "Deprecated. NAT gateways are now supported in all regions.", "Type": "String", "Default": "deprecated" }, "NATInstanceType": { "Default": "deprecated", "Description": "Deprecated. NAT gateways are now supported in all regions.", "Type": "String" }, "NumberOfAZs": { "AllowedValues": [ "2", "3", "4" ], "Default": "2", "Description": "Number of Availability Zones to use in the VPC. This must match your selections in the list of Availability Zones parameter.", "Type": "String" }, "PrivateSubnet1ACIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.0.0/19", "Description": "CIDR block for private subnet 1A located in Availability Zone 1", "Type": "String" }, "PrivateSubnet1BCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.192.0/21", "Description": "CIDR block for private subnet 1B with dedicated network ACL located in Availability Zone 1", "Type": "String" }, "PrivateSubnet2ACIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.32.0/19", "Description": "CIDR block for private subnet 2A located in Availability Zone 2", "Type": "String" }, "PrivateSubnet2BCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.200.0/21", "Description": "CIDR block for private subnet 2B with dedicated network ACL located in Availability Zone 2", "Type": "String" }, "PrivateSubnet3ACIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.64.0/19", "Description": "CIDR block for private subnet 3A located in Availability Zone 3", "Type": "String" }, "PrivateSubnet3BCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.208.0/21", "Description": "CIDR block for private subnet 3B with dedicated network ACL located in Availability Zone 3", "Type": "String" }, "PrivateSubnet4ACIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.96.0/19", "Description": "CIDR block for private subnet 4A located in Availability Zone 4", "Type": "String" }, "PrivateSubnet4BCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.216.0/21", "Description": "CIDR block for private subnet 4B with dedicated network ACL located in Availability Zone 4", "Type": "String" }, "PrivateSubnetATag1": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "Network=Private", "Description": "tag to add to private subnets A, in format Key=Value (Optional)", "Type": "String" }, "PrivateSubnetATag2": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "", "Description": "tag to add to private subnets A, in format Key=Value (Optional)", "Type": "String" }, "PrivateSubnetATag3": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "", "Description": "tag to add to private subnets A, in format Key=Value (Optional)", "Type": "String" }, "PrivateSubnetBTag1": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "Network=Private", "Description": "tag to add to private subnets B, in format Key=Value (Optional)", "Type": "String" }, "PrivateSubnetBTag2": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "", "Description": "tag to add to private subnets B, in format Key=Value (Optional)", "Type": "String" }, "PrivateSubnetBTag3": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "", "Description": "tag to add to private subnets B, in format Key=Value (Optional)", "Type": "String" }, "PublicSubnet1CIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.128.0/20", "Description": "CIDR block for the public DMZ subnet 1 located in Availability Zone 1", "Type": "String" }, "PublicSubnet2CIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.144.0/20", "Description": "CIDR block for the public DMZ subnet 2 located in Availability Zone 2", "Type": "String" }, "PublicSubnet3CIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.160.0/20", "Description": "CIDR block for the public DMZ subnet 3 located in Availability Zone 3", "Type": "String" }, "PublicSubnet4CIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.176.0/20", "Description": "CIDR block for the public DMZ subnet 4 located in Availability Zone 4", "Type": "String" }, "PublicSubnetTag1": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "Network=Public", "Description": "tag to add to public subnets, in format Key=Value (Optional)", "Type": "String" }, "PublicSubnetTag2": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "", "Description": "tag to add to public subnets, in format Key=Value (Optional)", "Type": "String" }, "PublicSubnetTag3": { "AllowedPattern": "^([a-zA-Z0-9+\\-._:/@]+=[a-zA-Z0-9+\\-.,_:/@ *\\\\\"'\\[\\]\\{\\}]*)?$", "ConstraintDescription": "tags must be in format \"Key=Value\" keys can only contain [a-zA-Z0-9+\\-._:/@], values can contain [a-zA-Z0-9+\\-._:/@ *\\\\\"'\\[\\]\\{\\}]", "Default": "", "Description": "tag to add to public subnets, in format Key=Value (Optional)", "Type": "String" }, "VPCCIDR": { "AllowedPattern": "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$", "ConstraintDescription": "CIDR block parameter must be in the form x.x.x.x/16-28", "Default": "10.0.0.0/16", "Description": "CIDR block for the VPC", "Type": "String" }, "VPCTenancy": { "AllowedValues": [ "default", "dedicated" ], "Default": "default", "Description": "The allowed tenancy of instances launched into the VPC", "Type": "String" } }, "Conditions": { "3AZCondition": { "Fn::Or": [ { "Fn::Equals": [ { "Ref": "NumberOfAZs" }, "3" ] }, { "Condition": "4AZCondition" } ] }, "4AZCondition": { "Fn::Equals": [ { "Ref": "NumberOfAZs" }, "4" ] }, "AdditionalPrivateSubnetsCondition": { "Fn::And": [ { "Fn::Equals": [ { "Ref": "CreatePrivateSubnets" }, "true" ] }, { "Fn::Equals": [ { "Ref": "CreateAdditionalPrivateSubnets" }, "true" ] } ] }, "AdditionalPrivateSubnets&3AZCondition": { "Fn::And": [ { "Condition": "AdditionalPrivateSubnetsCondition" }, { "Condition": "3AZCondition" } ] }, "AdditionalPrivateSubnets&4AZCondition": { "Fn::And": [ { "Condition": "AdditionalPrivateSubnetsCondition" }, { "Condition": "4AZCondition" } ] }, "NVirginiaRegionCondition": { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-east-1" ] }, "PrivateSubnetsCondition": { "Fn::Equals": [ { "Ref": "CreatePrivateSubnets" }, "true" ] }, "PrivateSubnets&3AZCondition": { "Fn::And": [ { "Condition": "PrivateSubnetsCondition" }, { "Condition": "3AZCondition" } ] }, "PrivateSubnets&4AZCondition": { "Fn::And": [ { "Condition": "PrivateSubnetsCondition" }, { "Condition": "4AZCondition" } ] }, "PrivateSubnetATag1Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PrivateSubnetATag1" }, "" ] } ] }, "PrivateSubnetATag2Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PrivateSubnetATag2" }, "" ] } ] }, "PrivateSubnetATag3Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PrivateSubnetATag3" }, "" ] } ] }, "PrivateSubnetBTag1Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PrivateSubnetBTag1" }, "" ] } ] }, "PrivateSubnetBTag2Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PrivateSubnetBTag2" }, "" ] } ] }, "PrivateSubnetBTag3Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PrivateSubnetBTag3" }, "" ] } ] }, "PublicSubnetTag1Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PublicSubnetTag1" }, "" ] } ] }, "PublicSubnetTag2Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PublicSubnetTag2" }, "" ] } ] }, "PublicSubnetTag3Condition": { "Fn::Not": [ { "Fn::Equals": [ { "Ref": "PublicSubnetTag3" }, "" ] } ] } }, "Resources": { "DHCPOptions": { "Type": "AWS::EC2::DHCPOptions", "Properties": { "DomainName": { "Fn::If": [ "NVirginiaRegionCondition", "ec2.internal", { "Fn::Sub": "${AWS::Region}.compute.internal" } ] }, "DomainNameServers": [ "AmazonProvidedDNS" ] } }, "VPC": { "Type": "AWS::EC2::VPC", "Properties": { "CidrBlock": { "Ref": "VPCCIDR" }, "InstanceTenancy": { "Ref": "VPCTenancy" }, "EnableDnsSupport": true, "EnableDnsHostnames": true, "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "VPCDHCPOptionsAssociation": { "Type": "AWS::EC2::VPCDHCPOptionsAssociation", "Properties": { "VpcId": { "Ref": "VPC" }, "DhcpOptionsId": { "Ref": "DHCPOptions" } } }, "InternetGateway": { "Type": "AWS::EC2::InternetGateway", "Properties": { "Tags": [ { "Key": "Name", "Value": { "Ref": "AWS::StackName" } } ] } }, "VPCGatewayAttachment": { "Type": "AWS::EC2::VPCGatewayAttachment", "Properties": { "VpcId": { "Ref": "VPC" }, "InternetGatewayId": { "Ref": "InternetGateway" } } }, "PrivateSubnet1A": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet1ACIDR" }, "AvailabilityZone": { "Fn::Select": [ "0", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 1A" }, { "Fn::If": [ "PrivateSubnetATag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet1B": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet1BCIDR" }, "AvailabilityZone": { "Fn::Select": [ "0", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 1B" }, { "Fn::If": [ "PrivateSubnetBTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet2A": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet2ACIDR" }, "AvailabilityZone": { "Fn::Select": [ "1", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 2A" }, { "Fn::If": [ "PrivateSubnetATag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet2B": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet2BCIDR" }, "AvailabilityZone": { "Fn::Select": [ "1", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 2B" }, { "Fn::If": [ "PrivateSubnetBTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet3A": { "Condition": "PrivateSubnets&3AZCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet3ACIDR" }, "AvailabilityZone": { "Fn::Select": [ "2", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 3A" }, { "Fn::If": [ "PrivateSubnetATag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet3B": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet3BCIDR" }, "AvailabilityZone": { "Fn::Select": [ "2", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 3B" }, { "Fn::If": [ "PrivateSubnetBTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet4A": { "Condition": "PrivateSubnets&4AZCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet4ACIDR" }, "AvailabilityZone": { "Fn::Select": [ "3", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 4A" }, { "Fn::If": [ "PrivateSubnetATag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetATag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetATag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PrivateSubnet4B": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PrivateSubnet4BCIDR" }, "AvailabilityZone": { "Fn::Select": [ "3", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Private subnet 4B" }, { "Fn::If": [ "PrivateSubnetBTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnetBTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PrivateSubnetBTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ] } }, "PublicSubnet1": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PublicSubnet1CIDR" }, "AvailabilityZone": { "Fn::Select": [ "0", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Public subnet 1" }, { "Fn::If": [ "PublicSubnetTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ], "MapPublicIpOnLaunch": true } }, "PublicSubnet2": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PublicSubnet2CIDR" }, "AvailabilityZone": { "Fn::Select": [ "1", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Public subnet 2" }, { "Fn::If": [ "PublicSubnetTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ], "MapPublicIpOnLaunch": true } }, "PublicSubnet3": { "Condition": "3AZCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PublicSubnet3CIDR" }, "AvailabilityZone": { "Fn::Select": [ "2", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Public subnet 3" }, { "Fn::If": [ "PublicSubnetTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ], "MapPublicIpOnLaunch": true } }, "PublicSubnet4": { "Condition": "4AZCondition", "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": { "Ref": "PublicSubnet4CIDR" }, "AvailabilityZone": { "Fn::Select": [ "3", { "Ref": "AvailabilityZones" } ] }, "Tags": [ { "Key": "Name", "Value": "Public subnet 4" }, { "Fn::If": [ "PublicSubnetTag1Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag1" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag2Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag2" } ] } ] } }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PublicSubnetTag3Condition", { "Key": { "Fn::Select": [ "0", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] }, "Value": { "Fn::Select": [ "1", { "Fn::Split": [ "=", { "Ref": "PublicSubnetTag3" } ] } ] } }, { "Ref": "AWS::NoValue" } ] } ], "MapPublicIpOnLaunch": true } }, "PrivateSubnet1ARouteTable": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 1A" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet1ARoute": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet1ARouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway1" } } }, "PrivateSubnet1ARouteTableAssociation": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet1A" }, "RouteTableId": { "Ref": "PrivateSubnet1ARouteTable" } } }, "PrivateSubnet2ARouteTable": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 2A" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet2ARoute": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet2ARouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway2" } } }, "PrivateSubnet2ARouteTableAssociation": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet2A" }, "RouteTableId": { "Ref": "PrivateSubnet2ARouteTable" } } }, "PrivateSubnet3ARouteTable": { "Condition": "PrivateSubnets&3AZCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 3A" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet3ARoute": { "Condition": "PrivateSubnets&3AZCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet3ARouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway3" } } }, "PrivateSubnet3ARouteTableAssociation": { "Condition": "PrivateSubnets&3AZCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet3A" }, "RouteTableId": { "Ref": "PrivateSubnet3ARouteTable" } } }, "PrivateSubnet4ARouteTable": { "Condition": "PrivateSubnets&4AZCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 4A" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet4ARoute": { "Condition": "PrivateSubnets&4AZCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet4ARouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway4" } } }, "PrivateSubnet4ARouteTableAssociation": { "Condition": "PrivateSubnets&4AZCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet4A" }, "RouteTableId": { "Ref": "PrivateSubnet4ARouteTable" } } }, "PrivateSubnet1BRouteTable": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 1B" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet1BRoute": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet1BRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway1" } } }, "PrivateSubnet1BRouteTableAssociation": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet1B" }, "RouteTableId": { "Ref": "PrivateSubnet1BRouteTable" } } }, "PrivateSubnet1BNetworkAcl": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::NetworkAcl", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "NACL Protected subnet 1" }, { "Key": "Network", "Value": "NACL Protected" } ] } }, "PrivateSubnet1BNetworkAclEntryInbound": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "PrivateSubnet1BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet1BNetworkAclEntryOutbound": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "PrivateSubnet1BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet1BNetworkAclAssociation": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::SubnetNetworkAclAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet1B" }, "NetworkAclId": { "Ref": "PrivateSubnet1BNetworkAcl" } } }, "PrivateSubnet2BRouteTable": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 2B" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet2BRoute": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet2BRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway2" } } }, "PrivateSubnet2BRouteTableAssociation": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet2B" }, "RouteTableId": { "Ref": "PrivateSubnet2BRouteTable" } } }, "PrivateSubnet2BNetworkAcl": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::NetworkAcl", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "NACL Protected subnet 2" }, { "Key": "Network", "Value": "NACL Protected" } ] } }, "PrivateSubnet2BNetworkAclEntryInbound": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "PrivateSubnet2BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet2BNetworkAclEntryOutbound": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "PrivateSubnet2BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet2BNetworkAclAssociation": { "Condition": "AdditionalPrivateSubnetsCondition", "Type": "AWS::EC2::SubnetNetworkAclAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet2B" }, "NetworkAclId": { "Ref": "PrivateSubnet2BNetworkAcl" } } }, "PrivateSubnet3BRouteTable": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 3B" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet3BRoute": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet3BRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway3" } } }, "PrivateSubnet3BRouteTableAssociation": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet3B" }, "RouteTableId": { "Ref": "PrivateSubnet3BRouteTable" } } }, "PrivateSubnet3BNetworkAcl": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::NetworkAcl", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "NACL Protected subnet 3" }, { "Key": "Network", "Value": "NACL Protected" } ] } }, "PrivateSubnet3BNetworkAclEntryInbound": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "PrivateSubnet3BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet3BNetworkAclEntryOutbound": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "PrivateSubnet3BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet3BNetworkAclAssociation": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Type": "AWS::EC2::SubnetNetworkAclAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet3B" }, "NetworkAclId": { "Ref": "PrivateSubnet3BNetworkAcl" } } }, "PrivateSubnet4BRouteTable": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Private subnet 4B" }, { "Key": "Network", "Value": "Private" } ] } }, "PrivateSubnet4BRoute": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PrivateSubnet4BRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": { "Ref": "NATGateway4" } } }, "PrivateSubnet4BRouteTableAssociation": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet4B" }, "RouteTableId": { "Ref": "PrivateSubnet4BRouteTable" } } }, "PrivateSubnet4BNetworkAcl": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::NetworkAcl", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "NACL Protected subnet 4" }, { "Key": "Network", "Value": "NACL Protected" } ] } }, "PrivateSubnet4BNetworkAclEntryInbound": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": false, "NetworkAclId": { "Ref": "PrivateSubnet4BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet4BNetworkAclEntryOutbound": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::NetworkAclEntry", "Properties": { "CidrBlock": "0.0.0.0/0", "Egress": true, "NetworkAclId": { "Ref": "PrivateSubnet4BNetworkAcl" }, "Protocol": -1, "RuleAction": "allow", "RuleNumber": 100 } }, "PrivateSubnet4BNetworkAclAssociation": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Type": "AWS::EC2::SubnetNetworkAclAssociation", "Properties": { "SubnetId": { "Ref": "PrivateSubnet4B" }, "NetworkAclId": { "Ref": "PrivateSubnet4BNetworkAcl" } } }, "PublicSubnetRouteTable": { "Type": "AWS::EC2::RouteTable", "Properties": { "VpcId": { "Ref": "VPC" }, "Tags": [ { "Key": "Name", "Value": "Public Subnets" }, { "Key": "Network", "Value": "Public" } ] } }, "PublicSubnetRoute": { "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::Route", "Properties": { "RouteTableId": { "Ref": "PublicSubnetRouteTable" }, "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": { "Ref": "InternetGateway" } } }, "PublicSubnet1RouteTableAssociation": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PublicSubnet1" }, "RouteTableId": { "Ref": "PublicSubnetRouteTable" } } }, "PublicSubnet2RouteTableAssociation": { "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PublicSubnet2" }, "RouteTableId": { "Ref": "PublicSubnetRouteTable" } } }, "PublicSubnet3RouteTableAssociation": { "Condition": "3AZCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PublicSubnet3" }, "RouteTableId": { "Ref": "PublicSubnetRouteTable" } } }, "PublicSubnet4RouteTableAssociation": { "Condition": "4AZCondition", "Type": "AWS::EC2::SubnetRouteTableAssociation", "Properties": { "SubnetId": { "Ref": "PublicSubnet4" }, "RouteTableId": { "Ref": "PublicSubnetRouteTable" } } }, "NAT1EIP": { "Condition": "PrivateSubnetsCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::EIP", "Properties": { "Domain": "vpc" } }, "NAT2EIP": { "Condition": "PrivateSubnetsCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::EIP", "Properties": { "Domain": "vpc" } }, "NAT3EIP": { "Condition": "PrivateSubnets&3AZCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::EIP", "Properties": { "Domain": "vpc" } }, "NAT4EIP": { "Condition": "PrivateSubnets&4AZCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::EIP", "Properties": { "Domain": "vpc" } }, "NATGateway1": { "Condition": "PrivateSubnetsCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::NatGateway", "Properties": { "AllocationId": { "Fn::GetAtt": [ "NAT1EIP", "AllocationId" ] }, "SubnetId": { "Ref": "PublicSubnet1" } } }, "NATGateway2": { "Condition": "PrivateSubnetsCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::NatGateway", "Properties": { "AllocationId": { "Fn::GetAtt": [ "NAT2EIP", "AllocationId" ] }, "SubnetId": { "Ref": "PublicSubnet2" } } }, "NATGateway3": { "Condition": "PrivateSubnets&3AZCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::NatGateway", "Properties": { "AllocationId": { "Fn::GetAtt": [ "NAT3EIP", "AllocationId" ] }, "SubnetId": { "Ref": "PublicSubnet3" } } }, "NATGateway4": { "Condition": "PrivateSubnets&4AZCondition", "DependsOn": "VPCGatewayAttachment", "Type": "AWS::EC2::NatGateway", "Properties": { "AllocationId": { "Fn::GetAtt": [ "NAT4EIP", "AllocationId" ] }, "SubnetId": { "Ref": "PublicSubnet4" } } }, "S3VPCEndpoint": { "Condition": "PrivateSubnetsCondition", "Type": "AWS::EC2::VPCEndpoint", "Properties": { "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": "*", "Effect": "Allow", "Resource": "*", "Principal": "*" } ] }, "RouteTableIds": [ { "Ref": "PrivateSubnet1ARouteTable" }, { "Ref": "PrivateSubnet2ARouteTable" }, { "Fn::If": [ "PrivateSubnets&3AZCondition", { "Ref": "PrivateSubnet3ARouteTable" }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "PrivateSubnets&4AZCondition", { "Ref": "PrivateSubnet4ARouteTable" }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "AdditionalPrivateSubnetsCondition", { "Ref": "PrivateSubnet1BRouteTable" }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "AdditionalPrivateSubnetsCondition", { "Ref": "PrivateSubnet2BRouteTable" }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "AdditionalPrivateSubnets&3AZCondition", { "Ref": "PrivateSubnet3BRouteTable" }, { "Ref": "AWS::NoValue" } ] }, { "Fn::If": [ "AdditionalPrivateSubnets&4AZCondition", { "Ref": "PrivateSubnet4BRouteTable" }, { "Ref": "AWS::NoValue" } ] } ], "ServiceName": { "Fn::Sub": "com.amazonaws.${AWS::Region}.s3" }, "VpcId": { "Ref": "VPC" } } } }, "Outputs": { "NAT1EIP": { "Condition": "PrivateSubnetsCondition", "Description": "NAT 1 IP address", "Value": { "Ref": "NAT1EIP" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-NAT1EIP" } } }, "NAT2EIP": { "Condition": "PrivateSubnetsCondition", "Description": "NAT 2 IP address", "Value": { "Ref": "NAT2EIP" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-NAT2EIP" } } }, "NAT3EIP": { "Condition": "PrivateSubnets&3AZCondition", "Description": "NAT 3 IP address", "Value": { "Ref": "NAT3EIP" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-NAT3EIP" } } }, "NAT4EIP": { "Condition": "PrivateSubnets&4AZCondition", "Description": "NAT 4 IP address", "Value": { "Ref": "NAT4EIP" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-NAT4EIP" } } }, "PrivateSubnet1ACIDR": { "Condition": "PrivateSubnetsCondition", "Description": "Private subnet 1A CIDR in Availability Zone 1", "Value": { "Ref": "PrivateSubnet1ACIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet1ACIDR" } } }, "PrivateSubnet1AID": { "Condition": "PrivateSubnetsCondition", "Description": "Private subnet 1A ID in Availability Zone 1", "Value": { "Ref": "PrivateSubnet1A" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet1AID" } } }, "PrivateSubnet1BCIDR": { "Condition": "AdditionalPrivateSubnetsCondition", "Description": "Private subnet 1B CIDR in Availability Zone 1", "Value": { "Ref": "PrivateSubnet1BCIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet1BCIDR" } } }, "PrivateSubnet1BID": { "Condition": "AdditionalPrivateSubnetsCondition", "Description": "Private subnet 1B ID in Availability Zone 1", "Value": { "Ref": "PrivateSubnet1B" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet1BID" } } }, "PrivateSubnet2ACIDR": { "Condition": "PrivateSubnetsCondition", "Description": "Private subnet 2A CIDR in Availability Zone 2", "Value": { "Ref": "PrivateSubnet2ACIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet2ACIDR" } } }, "PrivateSubnet2AID": { "Condition": "PrivateSubnetsCondition", "Description": "Private subnet 2A ID in Availability Zone 2", "Value": { "Ref": "PrivateSubnet2A" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet2AID" } } }, "PrivateSubnet2BCIDR": { "Condition": "AdditionalPrivateSubnetsCondition", "Description": "Private subnet 2B CIDR in Availability Zone 2", "Value": { "Ref": "PrivateSubnet2BCIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet2BCIDR" } } }, "PrivateSubnet2BID": { "Condition": "AdditionalPrivateSubnetsCondition", "Description": "Private subnet 2B ID in Availability Zone 2", "Value": { "Ref": "PrivateSubnet2B" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet2BID" } } }, "PrivateSubnet3ACIDR": { "Condition": "PrivateSubnets&3AZCondition", "Description": "Private subnet 3A CIDR in Availability Zone 3", "Value": { "Ref": "PrivateSubnet3ACIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet3ACIDR" } } }, "PrivateSubnet3AID": { "Condition": "PrivateSubnets&3AZCondition", "Description": "Private subnet 3A ID in Availability Zone 3", "Value": { "Ref": "PrivateSubnet3A" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet3AID" } } }, "PrivateSubnet3BCIDR": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Description": "Private subnet 3B CIDR in Availability Zone 3", "Value": { "Ref": "PrivateSubnet3BCIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet3BCIDR" } } }, "PrivateSubnet3BID": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Description": "Private subnet 3B ID in Availability Zone 3", "Value": { "Ref": "PrivateSubnet3B" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet3BID" } } }, "PrivateSubnet4ACIDR": { "Condition": "PrivateSubnets&4AZCondition", "Description": "Private subnet 4A CIDR in Availability Zone 4", "Value": { "Ref": "PrivateSubnet4ACIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet4ACIDR" } } }, "PrivateSubnet4AID": { "Condition": "PrivateSubnets&4AZCondition", "Description": "Private subnet 4A ID in Availability Zone 4", "Value": { "Ref": "PrivateSubnet4A" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet4AID" } } }, "PrivateSubnet4BCIDR": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Description": "Private subnet 4B CIDR in Availability Zone 4", "Value": { "Ref": "PrivateSubnet4BCIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet4BCIDR" } } }, "PrivateSubnet4BID": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Description": "Private subnet 4B ID in Availability Zone 4", "Value": { "Ref": "PrivateSubnet4B" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet4BID" } } }, "PublicSubnet1CIDR": { "Description": "Public subnet 1 CIDR in Availability Zone 1", "Value": { "Ref": "PublicSubnet1CIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet1CIDR" } } }, "PublicSubnet1ID": { "Description": "Public subnet 1 ID in Availability Zone 1", "Value": { "Ref": "PublicSubnet1" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet1ID" } } }, "PublicSubnet2CIDR": { "Description": "Public subnet 2 CIDR in Availability Zone 2", "Value": { "Ref": "PublicSubnet2CIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet2CIDR" } } }, "PublicSubnet2ID": { "Description": "Public subnet 2 ID in Availability Zone 2", "Value": { "Ref": "PublicSubnet2" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet2ID" } } }, "PublicSubnet3CIDR": { "Condition": "3AZCondition", "Description": "Public subnet 3 CIDR in Availability Zone 3", "Value": { "Ref": "PublicSubnet3CIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet3CIDR" } } }, "PublicSubnet3ID": { "Condition": "3AZCondition", "Description": "Public subnet 3 ID in Availability Zone 3", "Value": { "Ref": "PublicSubnet3" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet3ID" } } }, "PublicSubnet4CIDR": { "Condition": "4AZCondition", "Description": "Public subnet 4 CIDR in Availability Zone 4", "Value": { "Ref": "PublicSubnet4CIDR" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet4CIDR" } } }, "PublicSubnet4ID": { "Condition": "4AZCondition", "Description": "Public subnet 4 ID in Availability Zone 4", "Value": { "Ref": "PublicSubnet4" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnet4ID" } } }, "S3VPCEndpoint": { "Condition": "PrivateSubnetsCondition", "Description": "S3 VPC Endpoint", "Value": { "Ref": "S3VPCEndpoint" }, "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-S3VPCEndpoint" } } }, "PrivateSubnet1ARouteTable": { "Condition": "PrivateSubnetsCondition", "Value": { "Ref": "PrivateSubnet1ARouteTable" }, "Description": "Private subnet 1A route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet1ARouteTable" } } }, "PrivateSubnet1BRouteTable": { "Condition": "AdditionalPrivateSubnetsCondition", "Value": { "Ref": "PrivateSubnet1BRouteTable" }, "Description": "Private subnet 1B route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet1BRouteTable" } } }, "PrivateSubnet2ARouteTable": { "Condition": "PrivateSubnetsCondition", "Value": { "Ref": "PrivateSubnet2ARouteTable" }, "Description": "Private subnet 2A route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet2ARouteTable" } } }, "PrivateSubnet2BRouteTable": { "Condition": "AdditionalPrivateSubnetsCondition", "Value": { "Ref": "PrivateSubnet2BRouteTable" }, "Description": "Private subnet 2B route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet2BRouteTable" } } }, "PrivateSubnet3ARouteTable": { "Condition": "PrivateSubnets&3AZCondition", "Value": { "Ref": "PrivateSubnet3ARouteTable" }, "Description": "Private subnet 3A route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet3ARouteTable" } } }, "PrivateSubnet3BRouteTable": { "Condition": "AdditionalPrivateSubnets&3AZCondition", "Value": { "Ref": "PrivateSubnet3BRouteTable" }, "Description": "Private subnet 3B route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet3BRouteTable" } } }, "PrivateSubnet4ARouteTable": { "Condition": "PrivateSubnets&4AZCondition", "Value": { "Ref": "PrivateSubnet4ARouteTable" }, "Description": "Private subnet 4A route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet4ARouteTable" } } }, "PrivateSubnet4BRouteTable": { "Condition": "AdditionalPrivateSubnets&4AZCondition", "Value": { "Ref": "PrivateSubnet4BRouteTable" }, "Description": "Private subnet 4B route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PrivateSubnet4BRouteTable" } } }, "PublicSubnetRouteTable": { "Value": { "Ref": "PublicSubnetRouteTable" }, "Description": "Public subnet route table", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-PublicSubnetRouteTable" } } }, "VPCCIDR": { "Value": { "Ref": "VPCCIDR" }, "Description": "VPC CIDR", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-VPCCIDR" } } }, "VPCID": { "Value": { "Ref": "VPC" }, "Description": "VPC ID", "Export": { "Name": { "Fn::Sub": "${AWS::StackName}-VPCID" } } } } }