AWSTemplateFormatVersion: 2010-09-09 Description: Set up VPC peering between VPCs (qs-1sflpub5h) Metadata: cfn-lint: config: ignore_checks: - W9002 - W9003 - W9006 Parameters: ProductionVpcId: Type: AWS::EC2::VPC::Id Description: VPC ID for web app ProductionVpcCidr: Type: String Description: VPC CIDR for web app VPC AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$" ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x. ProductionRouteTablePrivateA: Type: String Description: Route Table Private Subnet A - web app VPC ProductionRouteTablePrivateB: Type: String Description: Route Table Private Subnet B - web app VPC ProductionRouteTablePublic: Type: String Description: Route Table Public Subnet - web app VPC ManagementVpcId: Type: AWS::EC2::VPC::Id Description: Management VPC ID ManagementVpcCidr: Type: String Description: Management VPC CIDR AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/([0-9]|[1-2][0-9]|3[0-2]))$" ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x. ManagementRouteTablePrivateA: Type: String Description: Route Table Private Subnet A - management VPC ManagementRouteTablePrivateB: Type: String Description: Route Table Private Subnet B - management VPC ManagementRouteTablePublic: Type: String Description: Route Table Public Subnet - management VPC QSTagKey: Type: String Description: Tag key to identify resources from this Quick Start. QSTagValue: Type: String Description: Tag value to identify resources from this Quick Start. Mappings: VpcPeering: Tags: Name: vpc-peering-hitrust-csf-quickstart Resources: VpcPeeringConnection: Type: AWS::EC2::VPCPeeringConnection Properties: PeerVpcId: !Ref ProductionVpcId VpcId: !Ref ManagementVpcId Tags: - Key: Name Value: !FindInMap [ VpcPeering, Tags, Name ] - Key: !Ref QSTagKey Value: !Ref QSTagValue RouteManagementProductionPrivateA: Type: AWS::EC2::Route Properties: RouteTableId: !Ref ManagementRouteTablePrivateA VpcPeeringConnectionId: !Ref VpcPeeringConnection DestinationCidrBlock: !Ref ProductionVpcCidr RouteManagementProductionPrivateB: Type: AWS::EC2::Route Properties: RouteTableId: !Ref ManagementRouteTablePrivateB VpcPeeringConnectionId: !Ref VpcPeeringConnection DestinationCidrBlock: !Ref ProductionVpcCidr RouteManagementProductionPublic: Type: AWS::EC2::Route Properties: RouteTableId: !Ref ManagementRouteTablePublic VpcPeeringConnectionId: !Ref VpcPeeringConnection DestinationCidrBlock: !Ref ProductionVpcCidr RouteProductionManagementPrivateA: Type: AWS::EC2::Route Properties: RouteTableId: !Ref ProductionRouteTablePrivateA VpcPeeringConnectionId: !Ref VpcPeeringConnection DestinationCidrBlock: !Ref ManagementVpcCidr RouteProductionManagementPrivateB: Type: AWS::EC2::Route Properties: RouteTableId: !Ref ProductionRouteTablePrivateB VpcPeeringConnectionId: !Ref VpcPeeringConnection DestinationCidrBlock: !Ref ManagementVpcCidr RouteProductionManagementPublic: Type: AWS::EC2::Route Properties: RouteTableId: !Ref ProductionRouteTablePublic VpcPeeringConnectionId: !Ref VpcPeeringConnection DestinationCidrBlock: !Ref ManagementVpcCidr Outputs: VpcPeeringConnectionId: Value: !Ref VpcPeeringConnection Description: VPC Peering Connection between management and production VPCs