VPC:
  Metadata:
    'aws:copilot:description': 'A Virtual Private Cloud to control networking of your AWS resources'
  Type: AWS::EC2::VPC
  Properties:
    CidrBlock: {{.CIDR}}
    EnableDnsHostnames: true
    EnableDnsSupport: true
    InstanceTenancy: default
    Tags:
      - Key: Name
        Value: !Sub 'copilot-${AppName}-${EnvironmentName}'

PublicRouteTable:
  Metadata:
    'aws:copilot:description': "A custom route table that directs network traffic for the public subnets"
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId: !Ref VPC
    Tags:
      - Key: Name
        Value: !Sub 'copilot-${AppName}-${EnvironmentName}'

DefaultPublicRoute:
  Type: AWS::EC2::Route
  DependsOn: InternetGatewayAttachment
  Properties:
    RouteTableId: !Ref PublicRouteTable
    DestinationCidrBlock: 0.0.0.0/0
    GatewayId: !Ref InternetGateway

InternetGateway:
  Metadata:
    'aws:copilot:description': 'An Internet Gateway to connect to the public internet'
  Type: AWS::EC2::InternetGateway
  Properties:
    Tags:
      - Key: Name
        Value: !Sub 'copilot-${AppName}-${EnvironmentName}'

InternetGatewayAttachment:
  Type: AWS::EC2::VPCGatewayAttachment
  Properties:
    InternetGatewayId: !Ref InternetGateway
    VpcId: !Ref VPC

{{- $azs := .AZs }}
{{- range $ind, $cidr := .PublicSubnetCIDRs}}
PublicSubnet{{inc $ind}}:
  Metadata:
    'aws:copilot:description': 'Public subnet {{inc $ind}} for resources that can access the internet'
  Type: AWS::EC2::Subnet
  Properties:
    CidrBlock: {{$cidr}}
    VpcId: !Ref VPC
    {{- if $azs }}
    AvailabilityZone: {{index $azs $ind}}
    {{- else }}
    AvailabilityZone: !Select [ {{$ind}}, !GetAZs '' ]
    {{- end }}
    MapPublicIpOnLaunch: true
    Tags:
      - Key: Name
        Value: !Sub 'copilot-${AppName}-${EnvironmentName}-pub{{$ind}}'
{{- end }}
{{- range $ind, $cidr := .PrivateSubnetCIDRs }}
PrivateSubnet{{inc $ind}}:
  Metadata:
    'aws:copilot:description': 'Private subnet {{inc $ind}} for resources with no internet access'
  Type: AWS::EC2::Subnet
  Properties:
    CidrBlock: {{$cidr}}
    VpcId: !Ref VPC
    {{- if $azs }}
    AvailabilityZone: {{index $azs $ind}}
    {{- else }}
    AvailabilityZone: !Select [ {{$ind}}, !GetAZs '' ]
    {{- end }}
    MapPublicIpOnLaunch: false
    Tags:
      - Key: Name
        Value: !Sub 'copilot-${AppName}-${EnvironmentName}-priv{{$ind}}'
{{- end }}
{{- range $ind, $cidr := .PublicSubnetCIDRs}}
PublicSubnet{{inc $ind}}RouteTableAssociation:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId: !Ref PublicRouteTable
    SubnetId: !Ref PublicSubnet{{inc $ind}}
{{- end}}