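---
AWSTemplateFormatVersion: "2010-09-09"
Description: "Creates a VPC with two public and private subnets."

Parameters:
  VPCName:
    Description: The name of the VPC being created.
    Type: String
    Default: "FSxONTAP-EKS-VPC"

Mappings:
  # Address plan: one /24 per subnet carved out of the VPC /16.
  # Private subnets use the low part of the range, public subnets .100/.101.
  SubnetConfig:
    VPC:
      CIDR: "10.0.0.0/16"
    Private1:
      CIDR: "10.0.0.0/24"
    Private2:
      CIDR: "10.0.1.0/24"
    Public1:
      CIDR: "10.0.100.0/24"
    Public2:
      CIDR: "10.0.101.0/24"

  # This mapping accounts for the scenario when certain AZs
  # are not available to use (this differs on a per account
  # per customer basis). E.g., if the 'b' AZ is not available
  # in a specific region in one's account then updating the
  # list contained in the mapping below here will allow a
  # different AZ to be chosen.
  # Index 0 of the list is used for the "*1" subnets, index 1 for the "*2"
  # subnets; the letter is appended to ${AWS::Region} to form the AZ name.
  AZRegions:
    us-east-1:
      AZs: ["a", "b"]
    us-east-2:
      AZs: ["a", "b"]
    us-west-1:
      AZs: ["a", "b"]
    us-west-2:
      AZs: ["a", "b"]
    ap-northeast-1:
      AZs: ["a", "b"]
    ap-northeast-2:
      AZs: ["a", "b"]
    ap-northeast-3:
      AZs: ["a", "b"]
    ap-east-1:
      AZs: ["a", "b"]
    ap-south-1:
      AZs: ["a", "b"]
    ap-southeast-1:
      AZs: ["a", "b"]
    ap-southeast-2:
      AZs: ["a", "b"]
    ap-southeast-3:
      AZs: ["a", "b"]
    ca-central-1:
      AZs: ["a", "b"]
    eu-central-1:
      AZs: ["a", "b"]
    eu-west-1:
      AZs: ["a", "b"]
    eu-west-2:
      AZs: ["a", "b"]
    eu-west-3:
      AZs: ["a", "b"]
    eu-south-1:
      AZs: ["a", "b"]
    eu-north-1:
      AZs: ["a", "b"]
    sa-east-1:
      AZs: ["a", "b"]
    af-south-1:
      AZs: ["a", "b"]
    me-south-1:
      AZs: ["a", "b"]

Resources:
  # ---------------------------------------------------------------------
  # VPC
  # ---------------------------------------------------------------------
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      # DNS resolution and DNS hostnames are both enabled VPC-wide.
      EnableDnsSupport: true
      EnableDnsHostnames: true
      CidrBlock: !FindInMap [SubnetConfig, VPC, CIDR]
      # NOTE(review): no AWS::EC2::FlowLog resource is defined for this
      # VPC, so there is no network-level audit trail; consider adding one.
      Tags:
        - Key: Name
          Value: !Ref VPCName

  # ---------------------------------------------------------------------
  # Subnets: two private (no public IPs) and two public (auto-assign
  # public IPs), one of each per AZ taken from the AZRegions mapping.
  # ---------------------------------------------------------------------
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Sub
        - "${AWS::Region}${AZ}"
        - AZ: !Select [0, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]
      CidrBlock: !FindInMap [SubnetConfig, Private1, CIDR]
      Tags:
        - Key: Name
          Value: !Join
            - ""
            - - !Ref VPCName
              - "-private-"
              - !Select [0, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Sub
        - "${AWS::Region}${AZ}"
        - AZ: !Select [1, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]
      CidrBlock: !FindInMap [SubnetConfig, Private2, CIDR]
      Tags:
        - Key: Name
          Value: !Join
            - ""
            - - !Ref VPCName
              - "-private-"
              - !Select [1, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Sub
        - "${AWS::Region}${AZ}"
        - AZ: !Select [0, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]
      CidrBlock: !FindInMap [SubnetConfig, Public1, CIDR]
      # Instances launched here receive a public IPv4 address automatically.
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Join
            - ""
            - - !Ref VPCName
              - "-public-"
              - !Select [0, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Sub
        - "${AWS::Region}${AZ}"
        - AZ: !Select [1, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]
      CidrBlock: !FindInMap [SubnetConfig, Public2, CIDR]
      # Instances launched here receive a public IPv4 address automatically.
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Join
            - ""
            - - !Ref VPCName
              - "-public-"
              - !Select [1, !FindInMap [AZRegions, !Ref "AWS::Region", AZs]]

  # ---------------------------------------------------------------------
  # Internet egress: one IGW for the public subnets, one NAT gateway per
  # public subnet (each with its own Elastic IP) for the private subnets.
  # ---------------------------------------------------------------------
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "${VPCName}-ITG"

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  NatGateway1EIP:
    Type: AWS::EC2::EIP
    # Explicit ordering: the EIP is not allocated until the IGW is attached.
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  # NOTE(review): NatGateway2EIP/NatGateway2 are provisioned but no route
  # table below targets NatGateway2 (see the routing note further down),
  # so they currently incur cost without carrying traffic.
  NatGateway2EIP:
    Type: AWS::EC2::EIP
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  NatGateway1:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway1EIP.AllocationId
      SubnetId: !Ref PublicSubnet1

  NatGateway2:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt NatGateway2EIP.AllocationId
      SubnetId: !Ref PublicSubnet2

  # ---------------------------------------------------------------------
  # Routing
  # ---------------------------------------------------------------------
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "${VPCName} Public Routes"

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    # A route cannot target the IGW until the attachment exists.
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: "0.0.0.0/0"
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2

  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "${VPCName} Private Routes (AZ1)"

  DefaultPrivateRoute1:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      DestinationCidrBlock: "0.0.0.0/0"
      NatGatewayId: !Ref NatGateway1

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      SubnetId: !Ref PrivateSubnet1

  # Both private subnets share PrivateRouteTable1 and therefore egress
  # through NatGateway1 in AZ1 -- presumably so that a single route table
  # can be handed to the consumer of the PrivateRouteTable1 export; confirm
  # with that consumer before splitting. Consequences of the shared table:
  #   - traffic from PrivateSubnet2 crosses AZs and depends on AZ1 being
  #     healthy (no per-AZ fault isolation for NAT egress);
  #   - NatGateway2 is never used (see the note on NatGateway2EIP).
  # If per-AZ routing is wanted, add a PrivateRouteTable2 plus a default
  # route whose NatGatewayId is NatGateway2, and point this association
  # at the new table.
  PrivateSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      SubnetId: !Ref PrivateSubnet2

Outputs:
  # All exports are prefixed with region and stack name so several copies
  # of this stack can coexist in one account.
  VPCId:
    Description: "VPCId of VPC"
    Value: !Ref VPC
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-VPC"

  PrivateSubnet1:
    Description: "SubnetId of private subnet 1"
    Value: !Ref PrivateSubnet1
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PrivateSubnet1"

  PrivateSubnet2:
    Description: "SubnetId of private subnet 2"
    Value: !Ref PrivateSubnet2
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PrivateSubnet2"

  PublicSubnet1:
    Description: "SubnetId of public subnet 1"
    Value: !Ref PublicSubnet1
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PublicSubnet1"

  PublicSubnet2:
    Description: "SubnetId of public subnet 2"
    Value: !Ref PublicSubnet2
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PublicSubnet2"

  PrivateRouteTable1:
    # The one route table shared by both private subnets.
    Description: "Route table of private subnet"
    Value: !Ref PrivateRouteTable1
    Export:
      Name: !Sub "${AWS::Region}-${AWS::StackName}-PrivateRouteTable1"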