AWSTemplateFormatVersion: 2010-09-09 Description: Biotech Bluepirint - Adds additional networking capabilities - VPC peering and internal DNS Parameters: pPreclinicalVpcId: Type: AWS::EC2::VPC::Id pPreclinicalVpcCidr: Type: String pManagementVpcId: Type: AWS::EC2::VPC::Id pManagementVpcCidr: Type: String pPreclinicalRouteTablePrivateA: Type: String pPreclinicalRouteTablePrivateB: Type: String pPreclinicalRouteTablePublic: Type: String pManagementRouteTablePrivateA: Type: String pManagementRouteTablePrivateB: Type: String pManagementRouteTablePublic: Type: String pInternal2ndLevelDomainName: Type: String pInternalDnsTopLevelDomain: Type: String Resources: rPeeringConnectionPreclinical: Type: AWS::EC2::VPCPeeringConnection Properties: PeerVpcId: !Ref pPreclinicalVpcId VpcId: !Ref pManagementVpcId Tags: - Key: Name Value: vpc-peer-preclinical-management rRouteManagementPreclinicalPrivateA: Type: AWS::EC2::Route Properties: RouteTableId: !Ref pManagementRouteTablePrivateA VpcPeeringConnectionId: !Ref rPeeringConnectionPreclinical DestinationCidrBlock: !Ref pPreclinicalVpcCidr rRouteManagementPreclinicalPrivateB: Type: AWS::EC2::Route Properties: RouteTableId: !Ref pManagementRouteTablePrivateB VpcPeeringConnectionId: !Ref rPeeringConnectionPreclinical DestinationCidrBlock: !Ref pPreclinicalVpcCidr rRoutePreclinicalManagementPrivateA: Type: AWS::EC2::Route Properties: RouteTableId: !Ref pPreclinicalRouteTablePrivateA VpcPeeringConnectionId: !Ref rPeeringConnectionPreclinical DestinationCidrBlock: !Ref pManagementVpcCidr rRoutePreclinicalManagementPrivateB: Type: AWS::EC2::Route Properties: RouteTableId: !Ref pPreclinicalRouteTablePrivateB VpcPeeringConnectionId: !Ref rPeeringConnectionPreclinical DestinationCidrBlock: !Ref pManagementVpcCidr rRoutePreclinicalManagementPublic: Type: AWS::EC2::Route Properties: RouteTableId: !Ref pPreclinicalRouteTablePublic VpcPeeringConnectionId: !Ref rPeeringConnectionPreclinical DestinationCidrBlock: !Ref pManagementVpcCidr rRouteManagementPreclinicalPublic: Type: AWS::EC2::Route Properties: RouteTableId: !Ref pManagementRouteTablePublic VpcPeeringConnectionId: !Ref rPeeringConnectionPreclinical DestinationCidrBlock: !Ref pPreclinicalVpcCidr rInternalHostedZoneForPortCo: Type: AWS::Route53::HostedZone Properties: Name: !Sub ${pInternal2ndLevelDomainName}.${pInternalDnsTopLevelDomain} VPCs: - VPCId: !Ref pPreclinicalVpcId VPCRegion: !Ref AWS::Region - VPCId: !Ref pManagementVpcId VPCRegion: !Ref AWS::Region rInformaticsAccessSG: Type: AWS::EC2::SecurityGroup Properties: GroupName: "Informatics Access" GroupDescription: "To be attached to resources that should have access to Informatics resources. Like a Client VPN Endpoint" VpcId: !Ref pPreclinicalVpcId Outputs: InternalHostedZoneIDParam: Value: !Ref rInternalHostedZoneForPortCo Description: Route53 Hosted Zone ID for biotech blueprint resources InternalHostedZoneApexDomainName: Value: !Sub ${pInternal2ndLevelDomainName}.${pInternalDnsTopLevelDomain} Description: Route53 Hosted Zone apex domain for biotech blueprint resources InternalHostedZoneTLDDomainName: Value: !Ref pInternalDnsTopLevelDomain Description: Route53 Hosted Zone TLD domain for biotech blueprint resources InternalHostedZoneSecondLevelDomainName: Value: !Ref pInternal2ndLevelDomainName Description: Route53 Hosted Zone 2nd level domain for biotech blueprint resources InformaticsAccessSecurityGroup: Value: !Ref rInformaticsAccessSG Description: Security Group that should be attached to resources that need to access informatics resources.