# This creates a VPC with two public subnets and two private subnets in two Availability Zones,
# together with a NAT Gateway and associated routing. Change the Availability Zone locations as needed.
#
# Public subnets route 0.0.0.0/0 to the Internet Gateway and auto-assign public IPs on launch.
# Private subnets route 0.0.0.0/0 to the NAT Gateway (egress only) and never auto-assign public IPs.
# Note that the single NAT Gateway lives in us-east-1a and serves both private subnets, so loss of
# that AZ removes all private-subnet egress.
#
# Usage from command line:
#   aws cloudformation --region <> create-stack --stack-name vpc- --template-body file://vpc-setup.yaml

Resources:

  ## VPC
  PubPrivateVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: PubPrivateVPC

  ## SUBNETS
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref PubPrivateVPC
      AvailabilityZone: us-east-1a
      CidrBlock: 10.0.1.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet1

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref PubPrivateVPC
      AvailabilityZone: us-east-1b
      CidrBlock: 10.0.2.0/24
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet2

  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref PubPrivateVPC
      AvailabilityZone: us-east-1a
      CidrBlock: 10.0.3.0/24
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: PrivateSubnet1

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref PubPrivateVPC
      AvailabilityZone: us-east-1b
      CidrBlock: 10.0.4.0/24
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: PrivateSubnet2

  ## INTERNET GATEWAY
  InternetGateway:
    Type: AWS::EC2::InternetGateway

  GatewayToInternet:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref PubPrivateVPC
      InternetGatewayId: !Ref InternetGateway

  ## PUBLIC ROUTING
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref PubPrivateVPC

  # The default route must not be created before the gateway is attached to the VPC.
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: GatewayToInternet
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet2
      RouteTableId: !Ref PublicRouteTable

  ## NAT GATEWAY
  # A public NAT Gateway needs its Elastic IP and an attached Internet Gateway; the explicit
  # DependsOn on GatewayToInternet avoids a race with the parallel attachment.
  NatGateway:
    Type: AWS::EC2::NatGateway
    DependsOn:
      - NatPublicIP
      - GatewayToInternet
    Properties:
      SubnetId: !Ref PublicSubnet1
      AllocationId: !GetAtt NatPublicIP.AllocationId
      Tags:
        - Key: Name
          Value: NatGateway

  ## ELASTIC IP
  NatPublicIP:
    Type: AWS::EC2::EIP
    DependsOn: PubPrivateVPC
    Properties:
      Domain: vpc

  ## PRIVATE ROUTING
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref PubPrivateVPC

  # Egress only: there is deliberately no route to the Internet Gateway from this table.
  PrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      NatGatewayId: !Ref NatGateway
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable

  PrivateSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet2
      RouteTableId: !Ref PrivateRouteTable
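# The following Python script is an added offline posture check, not part of the template
# or of any AWS tooling. It carries a constructed copy of the resources above in CloudFormation's
# JSON long form ({"Ref": ...} instead of !Ref), trimmed to the fields the checks read, and
# derives each subnet's exposure from its route table rather than from its name: a subnet whose
# 0.0.0.0/0 route points at an Internet Gateway is public, one pointing at a NAT Gateway is
# egress-only, one with neither is isolated. It then flags the mismatches that matter: a subnet
# intended private (MapPublicIpOnLaunch: false) that actually routes to the IGW, a subnet
# auto-assigning public IPs without an IGW route, a NAT Gateway placed in a non-public subnet,
# and subnet CIDRs that overlap or fall outside the VPC. The helper names (_subnet, _assoc,
# classify_subnets, find_findings) are this example's own.

```python
"""Offline posture check for the two-tier VPC template (added example, not the template's code)."""
import ipaddress
from typing import Dict, List

IGW, NAT, SUBNET, ROUTE, ASSOC, VPC = (
    "AWS::EC2::InternetGateway", "AWS::EC2::NatGateway", "AWS::EC2::Subnet",
    "AWS::EC2::Route", "AWS::EC2::SubnetRouteTableAssociation", "AWS::EC2::VPC")


def _subnet(cidr: str, public: bool) -> dict:
    return {"Type": SUBNET, "Properties": {"VpcId": {"Ref": "PubPrivateVPC"},
                                           "CidrBlock": cidr, "MapPublicIpOnLaunch": public}}


def _assoc(subnet: str, table: str) -> dict:
    return {"Type": ASSOC, "Properties": {"SubnetId": {"Ref": subnet}, "RouteTableId": {"Ref": table}}}


# Constructed mirror of the template's resources, trimmed to the fields the checks read.
TEMPLATE_RESOURCES: Dict[str, dict] = {
    "PubPrivateVPC": {"Type": VPC, "Properties": {"CidrBlock": "10.0.0.0/16"}},
    "PublicSubnet1": _subnet("10.0.1.0/24", True),
    "PublicSubnet2": _subnet("10.0.2.0/24", True),
    "PrivateSubnet1": _subnet("10.0.3.0/24", False),
    "PrivateSubnet2": _subnet("10.0.4.0/24", False),
    "InternetGateway": {"Type": IGW},
    "PublicRoute": {"Type": ROUTE, "Properties": {"RouteTableId": {"Ref": "PublicRouteTable"},
                    "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": {"Ref": "InternetGateway"}}},
    "PublicSubnet1RouteTableAssociation": _assoc("PublicSubnet1", "PublicRouteTable"),
    "PublicSubnet2RouteTableAssociation": _assoc("PublicSubnet2", "PublicRouteTable"),
    "NatGateway": {"Type": NAT, "Properties": {"SubnetId": {"Ref": "PublicSubnet1"}}},
    "PrivateRoute": {"Type": ROUTE, "Properties": {"RouteTableId": {"Ref": "PrivateRouteTable"},
                     "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": {"Ref": "NatGateway"}}},
    "PrivateSubnet1RouteTableAssociation": _assoc("PrivateSubnet1", "PrivateRouteTable"),
    "PrivateSubnet2RouteTableAssociation": _assoc("PrivateSubnet2", "PrivateRouteTable"),
}


def _ref(value):
    """Resolve {"Ref": "Name"} to the logical name; plain strings and None pass through."""
    return value["Ref"] if isinstance(value, dict) else value


def _by_type(resources: Dict[str, dict], rtype: str) -> Dict[str, dict]:
    return {n: r for n, r in resources.items() if r["Type"] == rtype}


def classify_subnets(resources: Dict[str, dict]) -> Dict[str, str]:
    """Map each subnet to 'public' (default route via IGW), 'private' (via NAT) or 'isolated'.

    A subnet with no explicit association falls back to the VPC main route table, which this
    template never gives a default route, so such a subnet is reported as isolated.
    """
    assoc = {_ref(r["Properties"]["SubnetId"]): _ref(r["Properties"]["RouteTableId"])
             for r in _by_type(resources, ASSOC).values()}
    igws, nats = set(_by_type(resources, IGW)), set(_by_type(resources, NAT))
    kinds: Dict[str, str] = {}
    for subnet in _by_type(resources, SUBNET):
        kind = "isolated"
        for route in _by_type(resources, ROUTE).values():
            p = route["Properties"]
            if _ref(p["RouteTableId"]) != assoc.get(subnet) or p.get("DestinationCidrBlock") != "0.0.0.0/0":
                continue
            if _ref(p.get("GatewayId")) in igws:
                kind = "public"   # reachable from the internet as soon as an instance holds a public IP
                break
            if _ref(p.get("NatGatewayId")) in nats:
                kind = "private"  # egress only; inbound from the internet is impossible by routing
        kinds[subnet] = kind
    return kinds


def find_findings(resources: Dict[str, dict]) -> List[str]:
    """Return human-readable findings; an empty list means routing matches the subnets' intent."""
    findings: List[str] = []
    kinds = classify_subnets(resources)
    vpcs = {n: ipaddress.ip_network(r["Properties"]["CidrBlock"]) for n, r in _by_type(resources, VPC).items()}
    nets: Dict[str, ipaddress.IPv4Network] = {}
    for name, r in _by_type(resources, SUBNET).items():
        p = r["Properties"]
        net = ipaddress.ip_network(p["CidrBlock"])
        vpc = vpcs[_ref(p["VpcId"])]
        if not net.subnet_of(vpc):
            findings.append(f"{name}: {net} lies outside VPC CIDR {vpc}")
        for other, onet in nets.items():
            if net.overlaps(onet):
                findings.append(f"{name}: {net} overlaps {other} ({onet})")
        nets[name] = net
        auto_ip = bool(p.get("MapPublicIpOnLaunch", False))
        if auto_ip and kinds[name] != "public":
            findings.append(f"{name}: auto-assigns public IPs but has no Internet Gateway route")
        if not auto_ip and kinds[name] == "public":
            findings.append(f"{name}: intended private (no auto public IP) but routes 0.0.0.0/0 to an Internet Gateway")
    for name, r in _by_type(resources, NAT).items():
        if kinds.get(_ref(r["Properties"]["SubnetId"])) != "public":
            findings.append(f"{name}: NAT Gateway sits in a non-public subnet and cannot reach the internet")
    return findings


if __name__ == "__main__":
    print(classify_subnets(TEMPLATE_RESOURCES))
    print(find_findings(TEMPLATE_RESOURCES) or "no findings")
```

# Against the template as written the script reports no findings; re-pointing
# PrivateSubnet1RouteTableAssociation at PublicRouteTable, or moving NatGateway into a private
# subnet, produces one finding each, which is the kind of drift worth catching before create-stack.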