Python CfnSubnetNetworkAclAssociation Beispiele

Programmiersprache: Python

Namespace / Paketname: aws_cdk.aws_ec2

Methode / Funktion: CfnSubnetNetworkAclAssociation

Beispiele auf hotexamples.com: 4

Python CfnSubnetNetworkAclAssociation - 4 Beispiele gefunden. Dies sind die am besten bewerteten Python Beispiele für die aws_cdk.aws_ec2.CfnSubnetNetworkAclAssociation, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Beispiel #1

Datei anzeigen

Datei: nacls.py Projekt: Jayvee1413/santos-devops-challenge-tier1

def generate_isolated_nacl(scope, vpc: ec2.Vpc,
                           private_subnets: List[ec2.ISubnet]):
    nacl = ec2.CfnNetworkAcl(
        scope=scope,
        id="JVSANTOSisolated_network_acl",
        vpc_id=vpc.vpc_id,
        tags=[{
            "key": "Name",
            "value": "Tier_1_ACL_Isolated"
        }],
    )

    generate_isolated_nacl_entries(scope=scope,
                                   isolated_nacl=nacl,
                                   private_subnets=private_subnets)

    # Associate Public subnets to Public NACL
    counter = 0
    for subnet in vpc.isolated_subnets:
        ec2.CfnSubnetNetworkAclAssociation(
            scope=scope,
            id=f"JVSANTOSisolated_nacl_subnet_assoc_{counter}",
            network_acl_id=nacl.ref,
            subnet_id=subnet.subnet_id,
        )
        counter += 1

    return nacl

Beispiel #2

Datei anzeigen

Datei: nacls.py Projekt: Jayvee1413/santos-devops-challenge-tier1

def generate_public_nacl(scope, vpc: ec2.Vpc):
    nacl = ec2.CfnNetworkAcl(
        scope=scope,
        id="JVSANTOSpublic_network_acl",
        vpc_id=vpc.vpc_id,
        tags=[{
            "key": "Name",
            "value": "Tier_1_ACL_Public"
        }],
    )

    generate_public_nacl_entries(scope=scope, public_nacl=nacl)

    # Associate Public subnets to Public NACL
    counter = 0
    for subnet in vpc.public_subnets:
        ec2.CfnSubnetNetworkAclAssociation(
            scope=scope,
            id=f"JVSANTOSpublic_nacl_subnet_assoc_{counter}",
            network_acl_id=nacl.ref,
            subnet_id=subnet.subnet_id,
        )
        counter += 1

    return nacl

Beispiel #3

Datei anzeigen

Datei: vpc_stack.py Projekt: mindy850302/create-vpc-with-aws-cdk

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        # create defalut vpc (us-east-1)
        # 1 VPC
        # 2 PublicSubnet, 2 Private Subnet
        # 4 Route Table, Each subnet will get each route table
        # Private Route Table will attach NATGateway (2 NATGateway, 2 EIP)
        # Public Route Table will attach InternetGateway
        # vpc = ec2.Vpc(self, "Mindy-VPC")

        # #############################
        # # VPC
        # #############################
        # # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/Vpc.html

        # subnet_amount = 2
        # subnet_list = []

        # # public subnet
        # public_subnet = ec2.SubnetConfiguration(
        #     name = 'My-Public',
        #     subnet_type = ec2.SubnetType.PUBLIC,
        #     cidr_mask=24
        # )
        # subnet_list.append(public_subnet)

        # # private subnet
        # # private_subnet = ec2.SubnetConfiguration(
        # #     name = 'My-Private',
        # #     subnet_type = ec2.SubnetType.PRIVATE,
        # #     cidr_mask=24
        # # )
        # # subnet_list.append(private_subnet)

        # # vpc setting
        # VPC_id = 'My Lab VPC'
        # CIDR = '10.0.0.0/16'
        # vpc = ec2.Vpc(
        #     self,
        #     VPC_id,
        #     cidr=CIDR,
        #     max_azs=subnet_amount,
        #     nat_gateways=0,
        #     nat_gateway_subnets=None,
        #     subnet_configuration=subnet_list,
        #     vpn_connections=None,
        #     vpn_gateway=None,
        #     vpn_gateway_asn=None,
        #     vpn_route_propagation=None
        #     )

        # # output
        # core.CfnOutput(
        #     self,
        #     'VPC-CIDR',
        #     value=vpc.vpc_cidr_block
        # )
        # core.CfnOutput(
        #     self,
        #     'VPC-id',
        #     value=vpc.vpc_id
        # )

        # for i in range(len(vpc.availability_zones)):
        #     core.CfnOutput(
        #         self,
        #         'VPC-AZ-%s'%(i+1),
        #         value=vpc.availability_zones[i]
        #     )

        # for i in range(len(vpc.public_subnets)):
        #     core.CfnOutput(
        #         self,
        #         'VPC-Public-Subnet-%s'%(i+1),
        #         value=vpc.public_subnets[i].subnet_id
        #     )
        #     core.CfnOutput(
        #         self,
        #         'VPC-Public-Subnet-%s-Route-Table-id'%(i+1),
        #         value=vpc.public_subnets[i].route_table.route_table_id
        #     )

        # # for i in range(len(vpc.private_subnets)):
        # #     core.CfnOutput(
        # #         self,
        # #         'VPC-Private-Subnet-%s'%(i+1),
        # #         value=vpc.private_subnets[i].subnet_id
        # #     )
        # #     core.CfnOutput(
        # #         self,
        # #         'VPC-Private-Subnet-%s-Route-Table-id'%(i+1),
        # #         value=vpc.private_subnets[i].route_table.route_table_id
        # #     )
        ##########################
        # Resource
        ##########################
        ##########################
        # VPC setting
        ##########################
        # VPC
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnVPC.html#
        vpc = ec2.CfnVPC(self,
                         'My Lab VPC',
                         cidr_block='10.0.0.0/16',
                         enable_dns_hostnames=None,
                         enable_dns_support=None,
                         instance_tenancy=None,
                         tags=[{
                             'key': 'Name',
                             'value': 'My Lab VPC'
                         }])

        # Sets the deletion policy of the resource based on the removal policy specified.
        vpc.apply_removal_policy(policy=core.RemovalPolicy.DESTROY)

        # Internet Gateway
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnInternetGateway.html
        igw = ec2.CfnInternetGateway(self,
                                     'My Internet Gateway',
                                     tags=[{
                                         'key': 'Name',
                                         'value': 'My IGW'
                                     }])
        igw.apply_removal_policy(policy=core.RemovalPolicy.DESTROY)

        # VPC Gateway Attachment
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnVPCGatewayAttachment.html
        vpc_gateway_attachment = ec2.CfnVPCGatewayAttachment(
            self,
            'My VPC Gateway Attachment',
            vpc_id=vpc.ref,
            internet_gateway_id=igw.ref)

        # Public Route Table
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnRouteTable.html
        public_route_table = ec2.CfnRouteTable(self,
                                               'My Public Route Table',
                                               vpc_id=vpc.ref,
                                               tags=[{
                                                   'key':
                                                   'Name',
                                                   'value':
                                                   'My Public Route Table'
                                               }])

        # Public Route
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnRoute.html
        public_route = ec2.CfnRoute(self,
                                    'My Public Route',
                                    destination_cidr_block='0.0.0.0/0',
                                    route_table_id=public_route_table.ref,
                                    gateway_id=igw.ref)

        # get all az in this regions
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.core/Fn.html
        azs = core.Fn.get_azs()

        # Public Subnet
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnSubnet.html
        public_sunet1 = ec2.CfnSubnet(self,
                                      'Public-Subnet-1',
                                      cidr_block='10.0.1.0/24',
                                      vpc_id=vpc.ref,
                                      assign_ipv6_address_on_creation=None,
                                      availability_zone=core.Fn.select(0, azs),
                                      ipv6_cidr_block=None,
                                      map_public_ip_on_launch=True,
                                      tags=[{
                                          'key': 'Name',
                                          'value': 'Public-Subnet-1'
                                      }])

        public_sunet2 = ec2.CfnSubnet(self,
                                      'Public-Subnet-2',
                                      cidr_block='10.0.3.0/24',
                                      vpc_id=vpc.ref,
                                      assign_ipv6_address_on_creation=None,
                                      availability_zone=core.Fn.select(1, azs),
                                      ipv6_cidr_block=None,
                                      map_public_ip_on_launch=True,
                                      tags=[{
                                          'key': 'Name',
                                          'value': 'Public-Subnet-2'
                                      }])

        # Route Table Association (Public-Subnet-1, Public-Subnet-2)
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnSubnetRouteTableAssociation.html
        associate_public_subnet1 = ec2.CfnSubnetRouteTableAssociation(
            self,
            'PublicSubnet1RouteTableAssociation',
            route_table_id=public_route_table.ref,
            subnet_id=public_sunet1.ref)

        associate_public_subnet2 = ec2.CfnSubnetRouteTableAssociation(
            self,
            'PublicSubnet2RouteTableAssociation',
            route_table_id=public_route_table.ref,
            subnet_id=public_sunet2.ref)

        # NACL Association to subnets
        # https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/CfnSubnetNetworkAclAssociation.html
        public_subnet1_network_acl_association = ec2.CfnSubnetNetworkAclAssociation(
            self,
            'PublicSubnet1NetworkAclAssociation',
            network_acl_id=vpc.attr_default_network_acl,
            subnet_id=public_sunet1.ref)
        public_subnet2_network_acl_association = ec2.CfnSubnetNetworkAclAssociation(
            self,
            'PublicSubnet2NetworkAclAssociation',
            network_acl_id=vpc.attr_default_network_acl,
            subnet_id=public_sunet2.ref)

        ##########################
        # Output
        ##########################
        core.CfnOutput(self, 'vpc-id', value=vpc.ref)
        core.CfnOutput(self, 'vpc-CIDR', value=vpc.cidr_block)
        core.CfnOutput(self, 'igw-id', value=igw.ref)
        core.CfnOutput(self, 'Public Sunet 1', value=public_sunet1.ref)
        core.CfnOutput(self, 'Public Sunet 2', value=public_sunet2.ref)

Beispiel #4

Datei anzeigen

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        # The code that defines your stack goes here
        # vpc network
        vpc = aws_ec2.CfnVPC(self,
                             'VPC',
                             cidr_block='10.0.0.0/16',
                             enable_dns_hostnames=True,
                             enable_dns_support=True,
                             instance_tenancy='default',
                             tags=[core.CfnTag(key='Name', value='vpc')])
        internetgateway = aws_ec2.CfnInternetGateway(
            self,
            'internetgateway',
            tags=[core.CfnTag(key='Name', value='internetgateway')])
        aws_ec2.CfnVPCGatewayAttachment(
            self,
            'VPCGatewayAttachment',
            vpc_id=vpc.ref,
            internet_gateway_id=internetgateway.ref)
        networkacl = aws_ec2.CfnNetworkAcl(
            self,
            'NetworkAcl',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='networkacl')])
        aws_ec2.CfnNetworkAclEntry(self,
                                   'NetworkAclEntry01',
                                   network_acl_id=networkacl.ref,
                                   protocol=-1,
                                   rule_action='allow',
                                   rule_number=100,
                                   cidr_block='0.0.0.0/0',
                                   egress=True)
        aws_ec2.CfnNetworkAclEntry(self,
                                   'NetworkAclEntry03',
                                   network_acl_id=networkacl.ref,
                                   protocol=-1,
                                   rule_action='allow',
                                   rule_number=100,
                                   cidr_block='0.0.0.0/0',
                                   egress=False)

        # public network
        publicsubnet01 = aws_ec2.CfnSubnet(
            self,
            'publicsubnet01',
            cidr_block='10.0.0.0/24',
            vpc_id=vpc.ref,
            availability_zone='ap-northeast-1a',
            tags=[core.CfnTag(key='Name', value='publicsubnet01')])
        publicsubnet02 = aws_ec2.CfnSubnet(
            self,
            'publicsubnet02',
            cidr_block='10.0.1.0/24',
            vpc_id=vpc.ref,
            availability_zone='ap-northeast-1c',
            tags=[core.CfnTag(key='Name', value='publicsubnet02')])
        publicsubnet03 = aws_ec2.CfnSubnet(
            self,
            'publicsubnet03',
            cidr_block='10.0.2.0/24',
            vpc_id=vpc.ref,
            availability_zone='ap-northeast-1d',
            tags=[core.CfnTag(key='Name', value='publicsubnet03')])
        publicroutetable01 = aws_ec2.CfnRouteTable(
            self,
            'publicroutetable01',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='publicroutetable01')])
        publicroutetable02 = aws_ec2.CfnRouteTable(
            self,
            'publicroutetable02',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='publicroutetable02')])
        publicroutetable03 = aws_ec2.CfnRouteTable(
            self,
            'publicroutetable03',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='publicroutetable03')])
        aws_ec2.CfnRoute(
            self,
            'publicroute01',
            destination_cidr_block='0.0.0.0/0',
            gateway_id=internetgateway.ref,
            route_table_id=publicroutetable01.ref,
        )
        aws_ec2.CfnRoute(self,
                         'publicroute02',
                         destination_cidr_block='0.0.0.0/0',
                         gateway_id=internetgateway.ref,
                         route_table_id=publicroutetable02.ref)
        aws_ec2.CfnRoute(self,
                         'publicroute03',
                         destination_cidr_block='0.0.0.0/0',
                         gateway_id=internetgateway.ref,
                         route_table_id=publicroutetable03.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(
            self,
            'publicsubnetroutetableassociation01',
            route_table_id=publicroutetable01.ref,
            subnet_id=publicsubnet01.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(
            self,
            'publicsubnetroutetableassociation02',
            route_table_id=publicroutetable02.ref,
            subnet_id=publicsubnet02.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(
            self,
            'publicsubnetroutetableassociation03',
            route_table_id=publicroutetable03.ref,
            subnet_id=publicsubnet03.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(
            self,
            'publicSubnetNetworkAclAssociation01',
            network_acl_id=networkacl.ref,
            subnet_id=publicsubnet01.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(
            self,
            'publicSubnetNetworkAclAssociation02',
            network_acl_id=networkacl.ref,
            subnet_id=publicsubnet02.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(
            self,
            'publicSubnetNetworkAclAssociation03',
            network_acl_id=networkacl.ref,
            subnet_id=publicsubnet03.ref)

        # private network
        privatesubnet01 = aws_ec2.CfnSubnet(
            self,
            'privatesubnet01',
            cidr_block='10.0.11.0/24',
            vpc_id=vpc.ref,
            availability_zone='ap-northeast-1a',
            tags=[core.CfnTag(key='Name', value='privatesubnet01')])
        privatesubnet02 = aws_ec2.CfnSubnet(
            self,
            'privatesubnet02',
            cidr_block='10.0.12.0/24',
            vpc_id=vpc.ref,
            availability_zone='ap-northeast-1c',
            tags=[core.CfnTag(key='Name', value='privatesubnet02')])
        privatesubnet03 = aws_ec2.CfnSubnet(
            self,
            'privatesubnet03',
            cidr_block='10.0.13.0/24',
            vpc_id=vpc.ref,
            availability_zone='ap-northeast-1d',
            tags=[core.CfnTag(key='Name', value='privatesubnet03')])
        privateroutetable01 = aws_ec2.CfnRouteTable(
            self,
            'privateroutetable01',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='privateroutetable01')])
        privateroutetable02 = aws_ec2.CfnRouteTable(
            self,
            'privateroutetable02',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='privateroutetable02')])
        privateroutetable03 = aws_ec2.CfnRouteTable(
            self,
            'privateroutetable03',
            vpc_id=vpc.ref,
            tags=[core.CfnTag(key='Name', value='privateroutetable03')])
        aws_ec2.CfnSubnetRouteTableAssociation(
            self,
            'privatesubnetroutetableassociation01',
            route_table_id=privateroutetable01.ref,
            subnet_id=privatesubnet01.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(
            self,
            'privatesubnetroutetableassociation02',
            route_table_id=privateroutetable02.ref,
            subnet_id=privatesubnet02.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(
            self,
            'privatesubnetroutetableassociation03',
            route_table_id=privateroutetable03.ref,
            subnet_id=privatesubnet03.ref)
        eip01 = aws_ec2.CfnEIP(self,
                               'eip01',
                               tags=[core.CfnTag(key='Name', value='eip01')])
        eip02 = aws_ec2.CfnEIP(self,
                               'eip02',
                               tags=[core.CfnTag(key='Name', value='eip02')])
        eip03 = aws_ec2.CfnEIP(self,
                               'eip03',
                               tags=[core.CfnTag(key='Name', value='eip03')])
        natgateway01 = aws_ec2.CfnNatGateway(
            self,
            'natgateway01',
            allocation_id=eip01.attr_allocation_id,
            subnet_id=publicsubnet01.ref,
            tags=[core.CfnTag(key='Name', value='natgateway01')])
        natgateway02 = aws_ec2.CfnNatGateway(
            self,
            'natgateway02',
            allocation_id=eip02.attr_allocation_id,
            subnet_id=publicsubnet02.ref,
            tags=[core.CfnTag(key='Name', value='natgateway02')])
        natgateway03 = aws_ec2.CfnNatGateway(
            self,
            'natgateway03',
            allocation_id=eip03.attr_allocation_id,
            subnet_id=publicsubnet03.ref,
            tags=[core.CfnTag(key='Name', value='natgateway03')])
        aws_ec2.CfnRoute(self,
                         'privateroute01',
                         destination_cidr_block='0.0.0.0/0',
                         nat_gateway_id=natgateway01.ref,
                         route_table_id=privateroutetable01.ref)
        aws_ec2.CfnRoute(self,
                         'privateroute02',
                         destination_cidr_block='0.0.0.0/0',
                         nat_gateway_id=natgateway02.ref,
                         route_table_id=privateroutetable02.ref)
        aws_ec2.CfnRoute(self,
                         'privateroute03',
                         destination_cidr_block='0.0.0.0/0',
                         nat_gateway_id=natgateway03.ref,
                         route_table_id=privateroutetable03.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(
            self,
            'privateSubnetNetworkAclAssociation01',
            network_acl_id=networkacl.ref,
            subnet_id=privatesubnet01.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(
            self,
            'privateSubnetNetworkAclAssociation02',
            network_acl_id=networkacl.ref,
            subnet_id=privatesubnet02.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(
            self,
            'privateSubnetNetworkAclAssociation03',
            network_acl_id=networkacl.ref,
            subnet_id=privatesubnet03.ref)

        # isolate network
        '''
        isolatesubnet01 = aws_ec2.CfnSubnet(self, 'isolatesubnet01', cidr_block='10.0.21.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1a', tags=[core.CfnTag(key='Name', value='isolatesubnet01')])
        isolatesubnet02 = aws_ec2.CfnSubnet(self, 'isolatesubnet02', cidr_block='10.0.22.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1c', tags=[core.CfnTag(key='Name', value='isolatesubnet02')])
        isolatesubnet03 = aws_ec2.CfnSubnet(self, 'isolatesubnet03', cidr_block='10.0.23.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1d', tags=[core.CfnTag(key='Name', value='isolatesubnet03')])
        isolateroutetable01 = aws_ec2.CfnRouteTable(self, 'isolateroutetable01', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name', value='isolateroutetable01')])
        isolateroutetable02 = aws_ec2.CfnRouteTable(self, 'isolateroutetable02', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name', value='isolateroutetable02')])
        isolateroutetable03 = aws_ec2.CfnRouteTable(self, 'isolateroutetable03', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name', value='isolateroutetable03')])
        aws_ec2.CfnSubnetRouteTableAssociation(self, 'isolatesubnetroutetableassociation01', route_table_id=isolateroutetable01.ref, subnet_id=isolatesubnet01.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(self, 'isolatesubnetroutetableassociation02', route_table_id=isolateroutetable02.ref, subnet_id=isolatesubnet02.ref)
        aws_ec2.CfnSubnetRouteTableAssociation(self, 'isolatesubnetroutetableassociation03', route_table_id=isolateroutetable03.ref, subnet_id=isolatesubnet03.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(self, 'isolateSubnetNetworkAclAssociation01', network_acl_id=networkacl.ref, subnet_id=isolatesubnet01.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(self, 'isolateSubnetNetworkAclAssociation02', network_acl_id=networkacl.ref, subnet_id=isolatesubnet02.ref)
        aws_ec2.CfnSubnetNetworkAclAssociation(self, 'isolateSubnetNetworkAclAssociation03', network_acl_id=networkacl.ref, subnet_id=isolatesubnet03.ref)
        '''
        # output
        core.CfnOutput(self,
                       'output01',
                       value=vpc.ref,
                       description='vpcid',
                       export_name='vpcid01')
        core.CfnOutput(self,
                       'output02',
                       value=publicsubnet01.ref,
                       description='publicsubnet01',
                       export_name='publicsubnet01')
        core.CfnOutput(self,
                       'output03',
                       value=publicsubnet02.ref,
                       description='publicsubnet02',
                       export_name='publicsubnet02')
        core.CfnOutput(self,
                       'output04',
                       value=publicsubnet03.ref,
                       description='publicsubnet03',
                       export_name='publicsubnet03')
        core.CfnOutput(self,
                       'output05',
                       value=privatesubnet01.ref,
                       description='privatesubnet01',
                       export_name='privatesubnet01')
        core.CfnOutput(self,
                       'output06',
                       value=privatesubnet02.ref,
                       description='privatesubnet02',
                       export_name='privatesubnet02')
        core.CfnOutput(self,
                       'output07',
                       value=privatesubnet03.ref,
                       description='privatesubnet03',
                       export_name='privatesubnet03')