def _create_vpc(self, cidr_block):
self.vpc = VPC(camelcase("{self.env}Vpc".format(**locals())),
CidrBlock=cidr_block,
EnableDnsSupport=True,
EnableDnsHostnames=True,
InstanceTenancy='default',
Tags=[{
'Key': 'category',
'Value': 'services'
}, {
'Key': 'environment',
'Value': self.env
}, {
'Key': 'Name',
'Value': "{self.env}-vpc".format(**locals())
}])
self.template.add_resource(self.vpc)
self.internet_gateway = InternetGateway(
camelcase("{self.env}Ig".format(**locals())),
Tags=[{
'Key': 'Name',
'Value': "{self.env}-internet-gateway".format(**locals())
}, {
'Key': 'environment',
'Value': self.env
}])
self.template.add_resource(self.internet_gateway)
vpc_gateway_attachment = VPCGatewayAttachment(
camelcase("{self.env}Attachment".format(**locals())),
InternetGatewayId=Ref(self.internet_gateway),
VpcId=Ref(self.vpc))
self.template.add_resource(vpc_gateway_attachment)
return None
def sceptre_handler(sceptre_user_data):
t = Template()
vpc = t.add_resource(VPC(
"VirtualPrivateCloud",
CidrBlock=sceptre_user_data["cidr_block"],
InstanceTenancy="default",
EnableDnsSupport=True,
EnableDnsHostnames=True,
))
igw = t.add_resource(InternetGateway(
"InternetGateway",
))
t.add_resource(VPCGatewayAttachment(
"IGWAttachment",
VpcId=Ref(vpc),
InternetGatewayId=Ref(igw),
))
t.add_output(Output(
"VpcId",
Description="New VPC ID",
Value=Ref(vpc)
))
return t.to_json()
def add_vpc(self):
t = self.template
self.vpc = t.add_resource(VPC(
"VirtualPrivateCloud",
CidrBlock=Ref(self.cidr_block_param)
))
def add_vpc(self):
self.vpc = self.template.add_resource(VPC(
"EKSVPC",
CidrBlock=self.sceptre_user_data["cidr_block"],
EnableDnsHostnames="true",
Tags=Tags(
Name=self.sceptre_user_data["vpc_name"]
)
))
def add_vpc( template, key='VPC', name='', cidr_block='172.16.0.0/16' ):
return template.add_resource(
VPC(
key,
CidrBlock = cidr_block,
EnableDnsSupport = True,
EnableDnsHostnames = True,
Tags = Tags( Name=name )
)
)
def add_vpc(self, name):
"""
Create a VPC
:param name: Name to give the VPC
"""
self.template.add_resource(VPC(
name,
CidrBlock='10.14.0.0/16',
))
def add_vpc(self):
t = self.template
self.vpc = t.add_resource(
VPC(
"VirtualPrivateCloud",
CidrBlock=Ref(self.cidr_block_param),
InstanceTenancy="default",
EnableDnsSupport=True,
EnableDnsHostnames=True,
))
def add_vpc(self):
t = self.template
self.vpc = t.add_resource(
VPC('vpc',
CidrBlock=self.sceptre_user_data['vpc_cidr'],
EnableDnsSupport='true',
EnableDnsHostnames='true',
Tags=self.DEFAULT_TAGS +
[Tag('Name', self.sceptre_user_data['application'] + '-VPC')]))
return 0
def create_vpc_template():
template = Template()
vpc_cidr = template.add_parameter(parameter=Parameter(
title='VpcCidr', Type='String', Default='192.168.0.0/16'))
subnet_cidr_a = template.add_parameter(parameter=Parameter(
title='SubnetCidr1', Type='String', Default='192.168.1.0/24'))
subnet_cidr_b = template.add_parameter(parameter=Parameter(
title='SubnetCidr2', Type='String', Default='192.168.2.0/24'))
vpc = template.add_resource(resource=VPC(
title='SampleVpc', CidrBlock=Ref(vpc_cidr), EnableDnsHostnames=True))
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
subnet_a = template.add_resource(
resource=Subnet(title='SampleSubnetA',
AvailabilityZone='us-east-1a',
CidrBlock=Ref(subnet_cidr_a),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
subnet_b = template.add_resource(
resource=Subnet(title='SampleSubnetB',
AvailabilityZone='us-east-1b',
CidrBlock=Ref(subnet_cidr_b),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
route_table = template.add_resource(
resource=RouteTable(title='SampleRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleRoteTableAssociationA',
RouteTableId=Ref(route_table),
SubnetId=Ref(subnet_a)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleRoteTableAssociationB',
RouteTableId=Ref(route_table),
SubnetId=Ref(subnet_b)))
template.add_resource(resource=Route(title='SampleRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(route_table)))
with open('./vpc.yml', mode='w') as file:
file.write(template.to_yaml())
def create_vpc(vpc_title, vpc_cidr=None):
if vpc_cidr is None:
vpc_cidr = '10.0.1.0/24'
_vpc = VPC(title=vpc_title,
CidrBlock=vpc_cidr,
EnableDnsSupport=True,
EnableDnsHostnames=True)
return _vpc
def __build_vpc(self):
vpc = self.__template.add_resource(
VPC(
self.__vpc_config.name,
CidrBlock=self.__vpc_config.cidr,
EnableDnsSupport=self.__vpc_config.enable_dns_support,
EnableDnsHostnames=self.__vpc_config.enable_dns_hostnames,
Tags=self.__vpc_config.tags,
))
self.__template.add_output(
Output("VpcId", Value=Ref(vpc), Description="The Vpc Id"))
return vpc
def create_vpc(self):
t = self.template
t.add_resource(
VPC(self.vpc_name,
CidrBlock=self.vpc_cidr,
EnableDnsHostnames=True,
EnableDnsSupport=True))
t.add_output(
Output("VPCID",
Value=Ref(self.vpc_name),
Export=Export(
Sub("${AWS::StackName}-" + self.vpc_name + "-ID"))))
def add_vpc(self):
'''
Add a VPC for Anchore Engine
'''
self.cfn_template.add_resource(
VPC(
title=constants.VPC,
CidrBlock=Ref('VPCCIDRBlock'),
EnableDnsSupport=bool('true'),
EnableDnsHostnames=bool('true'),
InstanceTenancy='default',
))
return self.cfn_template
def create_vpc_template() -> Template:
template = Template()
vpc_cidr = template.add_parameter(parameter=Parameter(
title='VpcCidr', Type='String', Default='10.0.0.0/16'))
vpc = template.add_resource(
resource=VPC(title='SampleVpc', CidrBlock=Ref(vpc_cidr)))
add_export(template, vpc.title + 'Id', Ref(vpc))
public_subnet = __create_public_subnet(template, vpc)
__create_private_subnet(template, vpc)
# __create_dmz_subnet(template, vpc, public_subnet)
return template
def create_vpc_template():
template = Template()
vpc_cidr = template.add_parameter(parameter=Parameter(
title='VpcCidr', Type='String', Default='192.168.0.0/16'))
vpc = template.add_resource(
resource=VPC(title='SampleVpc', CidrBlock=Ref(vpc_cidr)))
public_subnet = __create_public_subnet(template, vpc)
__create_private_subnet(template, vpc)
__create_dmz_subnet(template, vpc, public_subnet)
with open('./vpc.yml', mode='w') as file:
file.write(template.to_yaml())
def create_vpc(stack, name):
"""Add VPC Resource."""
return stack.stack.add_resource(
VPC(
'{0}VPC'.format(name),
EnableDnsSupport='true',
CidrBlock=Ref(stack.vpc_address_param),
EnableDnsHostnames='true',
Tags=[
{
'Key': 'Name',
'Value': '{0}'.format(name)
},
],
))
def _create_vpc(self):
if self.vpc:
self.tpl.add_output(Output(self.OUTPUT_VPC, Value=self.vpc))
self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=','.join(self.subnets)))
return
vpc = VPC(self.RESOURCE_EKS_VPC.name, CidrBlock=self.vpc_cidr, Tags=Tags(Name=self.tag_name))
self.tpl.add_resource(vpc)
gateway = self.tpl.add_resource(InternetGateway(self.RESOURCE_VPC_INTERNET_GATEWAY.name))
self.tpl.add_resource(VPCGatewayAttachment(
self.RESOURCE_VPC_GATEWAY_ATTACHMENT.name, VpcId=Ref(vpc), InternetGatewayId=Ref(gateway),
DependsOn=gateway,
))
rt = self.tpl.add_resource(RouteTable(
self.RESOURCE_VPC_ROUTE_TABLE.name, VpcId=Ref(vpc), DependsOn=gateway,
Tags=Tags(Name='public subnet', Network='public'),
))
self.tpl.add_resource(Route(
self.RESOURCE_VPC_ROUTE.name, RouteTableId=Ref(rt), DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(gateway),
))
self.resources.extend(deepcopy([self.RESOURCE_EKS_VPC, self.RESOURCE_VPC_INTERNET_GATEWAY,
self.RESOURCE_VPC_GATEWAY_ATTACHMENT, self.RESOURCE_VPC_ROUTE_TABLE,
self.RESOURCE_VPC_ROUTE]))
subnets = []
vpc_network = IPNetwork(self.vpc_cidr)
prefixlen = IPNetwork(self.vpc_cidr).prefixlen + (len(self.zones) - 1).bit_length()
cidrs = list(vpc_network.subnet(prefixlen))
for i, zone in enumerate(self.zones):
sname = self.RESOURCE_FORMAT_SUBNET.format(i + 1)
staname = self.RESOURCE_FORMAT_SUBNET_RTA.format(i + 1)
subnet = self.tpl.add_resource(Subnet(
sname, AvailabilityZone=zone, VpcId=Ref(vpc), CidrBlock=str(cidrs[i].cidr),
Tags=Tags(Name='{}-{}'.format(self.name, str(i + 1)))
))
self.resources.append(Resource(sname, 'EKS VPC {}'.format(sname), Status.not_exist))
self.tpl.add_resource(SubnetRouteTableAssociation(
staname, SubnetId=Ref(subnet), RouteTableId=Ref(rt)
))
self.resources.append(Resource(staname, 'EKS VPC {}'.format(staname), Status.not_exist))
subnets.append(subnet)
self.subnet_refs = [Ref(s) for s in subnets]
self.tpl.add_output(Output(self.OUTPUT_VPC, Value=Ref(vpc)))
self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=Join(',', self.subnet_refs)))
def __build_vpc(self):
vpc = self.__template.add_resource(
VPC(
self.__vpc_config.name,
CidrBlock=self.__vpc_config.cidr,
EnableDnsSupport=self.__vpc_config.enable_dns_support,
EnableDnsHostnames=self.__vpc_config.enable_dns_hostnames,
Tags=self.__vpc_config.tags,
)
)
self.__template.add_output(Output("VpcId", Value=Ref(vpc), Description="The Vpc Id"))
additional_vpc_cidr_blocks = []
for idx, cidr_block in enumerate(self.__vpc_config.additional_cidr_blocks):
additional_vpc_cidr_blocks.append(
self.__template.add_resource(
VPCCidrBlock(f"AdditionalVPCCidrBlock{idx}", CidrBlock=cidr_block, VpcId=Ref(vpc))
)
)
return vpc, additional_vpc_cidr_blocks
def _add_resources(self):
self.vpc = VPC(
"VirtualPrivateCloud",
CidrBlock=Ref(self.parameters['CidrBlock']),
InstanceTenancy="default",
EnableDnsSupport=True,
EnableDnsHostnames=True,
Tags=Tags(
Name=Ref(self.parameters['StackPrefix'])
),
)
self.template.add_resource(self.vpc)
self.igw = InternetGateway(
"InternetGateway",
)
self.template.add_resource(self.igw)
self.igw_attachment = VPCGatewayAttachment(
"IGWAttachment",
VpcId=Ref(self.vpc),
InternetGatewayId=Ref(self.igw),
)
self.template.add_resource(self.igw_attachment)
redshiftclusterparametergroup = t.add_resource(ClusterParameterGroup(
"RedshiftClusterParameterGroup",
Description="Cluster parameter group",
ParameterGroupFamily="redshift-1.0",
Parameters=[amazonredshiftparameter1],
))
redshiftclustersubnetgroup = t.add_resource(ClusterSubnetGroup(
"RedshiftClusterSubnetGroup",
Description="Cluster subnet group",
SubnetIds=Ref("Subnet"),
))
vpc = t.add_resource(VPC(
"VPC",
CidrBlock="10.0.0.0/16",
))
subnet = t.add_resource(Subnet(
"Subnet",
CidrBlock="10.0.0.0/24",
VpcId=Ref("VPC"),
))
internetgateway = t.add_resource(InternetGateway(
"InternetGateway",
))
gatewayattachment = t.add_resource(VPCGatewayAttachment(
"GatewayAttachment",
VpcId=Ref("VPC"),
VPCGatewayAttachment,
)
from configuration import (
vpc_cidr,
public_subnet_cidr,
loadbalancer_a_subnet_cidr,
loadbalancer_b_subnet_cidr,
container_a_subnet_cidr,
container_b_subnet_cidr,
)
template = Template()
vpc = template.add_resource(VPC(
"Vpc",
CidrBlock=vpc_cidr,
))
internet_gateway = template.add_resource(InternetGateway("InternetGateway", ))
template.add_resource(
VPCGatewayAttachment(
"GatewayAttachment",
VpcId=Ref(vpc),
InternetGatewayId=Ref(internet_gateway),
))
public_route_table = template.add_resource(
RouteTable(
"PublicRouteTable",
VpcId=Ref(vpc),
))
RDSSubnetGroup = t.add_resource(
DBSubnetGroup(
"RDSSubnetGroup",
SubnetIds=[Ref("DBSubnet1"),
Ref("DBSubnet2"),
Ref("DBSubnet3")],
DBSubnetGroupDescription=Ref("AWS::StackName"),
))
VPC = t.add_resource(
VPC(
"VPC",
InstanceTenancy="default",
EnableDnsSupport=True,
CidrBlock="10." + str(environment_index) + ".0.0/16",
EnableDnsHostnames=True,
Tags=Tags(Name=Ref("AWS::StackName"), ),
))
InternetGatewayAttachment = t.add_resource(
VPCGatewayAttachment(
"InternetGatewayAttachment",
VpcId=Ref("VPC"),
InternetGatewayId=Ref("InternetGateway"),
))
InternetGateway = t.add_resource(
InternetGateway(
"InternetGateway",
Tags=Tags(Name=Ref("AWS::StackName"), ),
'NatGateway': 'veri-NatGateway'
},
'output': {
'Vpc': 'veri-vpc-id',
'Igw': 'veri-igw-id',
'PublicSubnet': 'veri-PublicSubnet-id',
'PrivateSubnet': 'veri-PrivateSubnet-id',
'PublicRouteTable': 'veri-PublicRoute-id',
'PrivateRouteTable': 'veri-PrivateRoute-id',
'NatGateway': 'veri-NatGateway-id'
}
})
VPC = t.add_resource(
VPC('VPC',
CidrBlock=FindInMap(Ref(environmentType_param), 'cidr', 'Vpc'),
Tags=Tags(Name=FindInMap(Ref(environmentType_param), 'tags', 'Vpc'))))
PublicSubnet = t.add_resource(
Subnet('PublicSubnet',
CidrBlock=FindInMap(Ref(environmentType_param), 'cidr', 'Public'),
VpcId=Ref(VPC),
Tags=Tags(Name=FindInMap(Ref(environmentType_param), 'tags',
'PublicSubnet'))))
PrivateSubnet = t.add_resource(
Subnet('PrivateSubnet',
CidrBlock=FindInMap(Ref(environmentType_param), 'cidr', 'Private'),
VpcId=Ref(VPC),
Tags=Tags(Name=FindInMap(Ref(environmentType_param), 'tags',
'PrivateSubnet'))))
]),
ManagedPolicyArns=[
"arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryPowerUser",
"arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
],
Path="/",
Policies=policies))
rootInstanceProfile = template.add_resource(
InstanceProfile("RootInstanceProfile", Path="/", Roles=[Ref(rootRole)]))
############################# VPC AND SUBNET ###########################################
VPC = template.add_resource(
VPC('VPC',
CidrBlock=vpc.CidrBlock,
EnableDnsSupport=True,
EnableDnsHostnames=True,
Tags=Tags(Name=environmentString + "VPC",
Stack=Ref("AWS::StackName"))))
vpc.instance = VPC
for f in vpc.subnets:
subnet = template.add_resource(
Subnet(f.name,
CidrBlock=f.CidrBlock,
VpcId=Ref(VPC),
MapPublicIpOnLaunch=f.MapPublicIpOnLaunch,
AvailabilityZone=Select(f.AvailabilityZone, GetAZs()),
Tags=Tags(Name=environmentString + f.name,
Stack=Ref("AWS::StackName"))))
f.instance = subnet
# Parameters
vpcName_param = t.add_parameter(Parameter(
"VpcName",
Description="VPC for %s environment" % data['EnvInfo']['Name'],
Default="%s-VPC" % data['EnvInfo']['Name'],
Type="String"
))
### Create the VPC, with Name from Parameter and CIDR from the defined environment
VPC = t.add_resource(VPC(
"VPC",
EnableDnsSupport="true",
CidrBlock=data['CIDRInfo']['cidr'],
EnableDnsHostnames="true",
Tags=Tags(**{
'Name': '%s' % data['Tags']['Name'],
'Env': '%s' % data['Tags']['Env'],
'Owner': '%s' % data['Tags']['Owner']
})
))
### Create Internet Gateway for VPC, to enable VMs to access Internet
InternetGateway = t.add_resource(InternetGateway(
"InternetGateway",
Tags=Tags(**{
'Name': '%s - Public Network IGW' % data['EnvInfo']['Name'],
'Env': '%s' % data['Tags']['Env'],
'Owner': '%s' % data['Tags']['Owner']
})
))
('1', '10.43.1.0/24', 'us-east-1a'),
('2', '10.43.2.0/24', 'us-east-1b'),
('3', '10.43.3.0/24', 'us-east-1d')
],
'cidr_block': '10.43.1.0/16',
'name': 'demo'
}
}
# the template object
t = Template()
# create VPC
vpc = VPC(config['name'] + 'Vpc')
vpc.CidrBlock = config['vpc']['cidr_block']
vpc.EnableDnsSupport = True
vpc.EnableDnsHostnames = True
vpc.Tags = Tags(Name=config['vpc']['name'])
t.add_resource(vpc)
# internet gateway
internet_gateway = InternetGateway('InternetGateway')
t.add_resource(internet_gateway)
gateway_attachment = VPCGatewayAttachment('GatewayAttachment')
gateway_attachment.VpcId = Ref(vpc)
gateway_attachment.InternetGatewayId = Ref('InternetGateway')
t.add_resource(gateway_attachment)
Tags=Tags(Name=Sub("${EnvironmentName} NatGw (AZ1)"), ),
))
NatGateway2 = template.add_resource(
NatGateway(
"NatGateway2",
SubnetId=Ref("IgwSubnet2"),
AllocationId=Ref(IgwSubnet2Eip),
Tags=Tags(Name=Sub("${EnvironmentName} NatGw (AZ2)"), ),
))
VPC = template.add_resource(
VPC(
"VPC",
EnableDnsSupport=True,
CidrBlock=Ref(VpcCIDR),
EnableDnsHostnames=True,
Tags=Tags(Name=Ref(EnvironmentName), ),
))
Private2 = template.add_resource(
Subnet(
"Private2",
Tags=Tags(Name=Sub("${EnvironmentName} Private Subnet (AZ2)"), ),
VpcId=Ref(VPC),
CidrBlock=Ref(Private2CIDR),
MapPublicIpOnLaunch=False,
AvailabilityZone=Select(1, GetAZs("")),
))
Private1 = template.add_resource(
parameters[ "Project" ] = template.add_parameter(Parameter(
"Project",
Type="String",
Description="Project Name",
Default="hello-world"))
### Template Resources ###
resources = {}
### VPC ###
resources[ "VPC" ] = template.add_resource(VPC(
"VPC",
CidrBlock = "10.0.0.0/24",
EnableDnsHostnames = True,
EnableDnsSupport = True,
Tags = [ { "Key": "Name", "Value": Join("-", [ Ref(parameters[ "Project" ]), "vpc" ]) },
{ "Key": "Project", "Value": Ref(parameters[ "Project" ]) }]))
### Internet Gateway ###
resources[ "InternetGateway" ] = template.add_resource(InternetGateway(
"InternetGateway",
Tags = [ { "Key": "Name", "Value": Join("-", [ Ref(parameters[ "Project" ]), "igw" ]) },
{ "Key": "Project", "Value": Ref(parameters[ "Project" ]) }]))
resources[ "VPCGatewayAttachmentIGW" ] = template.add_resource(VPCGatewayAttachment(
"VPCGatewayAttachmentIGW",
DependsOn = [ resource for resource in [ "InternetGateway",
"VPC" ] ],
InternetGatewayId = Ref(resources[ "InternetGateway" ]),
from troposphere import Parameter, Ref, Template
from troposphere.autoscaling import AutoScalingGroup, LaunchConfiguration
from troposphere.policies import AutoScalingReplacingUpdate, AutoScalingRollingUpdate, UpdatePolicy
from troposphere.ec2 import VPC, Subnet, SecurityGroup, SecurityGroupRule
t = Template()
vpc = t.add_resource(VPC('TestVPC', CidrBlock="10.10.0.0/16"))
subnet1 = t.add_resource(
Subnet('TestSubnet1',
CidrBlock='10.10.10.0/24',
VpcId=Ref(vpc),
AvailabilityZone='ap-northeast-2a'))
subnet2 = t.add_resource(
Subnet('TestSubnet2',
CidrBlock='10.10.20.0/24',
VpcId=Ref(vpc),
AvailabilityZone='ap-northeast-2b'))
instanceSecurityGroup = t.add_resource(
SecurityGroup('TestSecurityGroup',
GroupDescription='Test SG',
SecurityGroupIngress=[
SecurityGroupRule(IpProtocol='tcp',
FromPort='22',
ToPort='22',
CidrIp='10.10.0.0/32'),
SecurityGroupRule(IpProtocol='tcp',
FromPort='80',
from troposphere import Template, Ref
from troposphere.ec2 import VPC, VPCPeeringConnection
t = Template()
vpc1 = t.add_resource(VPC("TestVpc1", CidrBlock="10.10.0.0/16"))
vpc2 = t.add_resource(VPC("TestVpc2", CidrBlock="172.10.0.0/16"))
t.add_resource(
VPCPeeringConnection("TestPeering", VpcId=Ref(vpc1), PeerVpcId=Ref(vpc2)))
print(t.to_json())
InternetGateway,
NatGateway,
Route,
RouteTable,
Subnet,
SubnetRouteTableAssociation,
VPC,
VPCGatewayAttachment,
)
from .template import template
vpc = VPC(
"Vpc",
template=template,
CidrBlock="10.0.0.0/16",
)
# Allow outgoing to outside VPC
internet_gateway = InternetGateway(
"InternetGateway",
template=template,
)
# Attach Gateway to VPC
VPCGatewayAttachment(
"GatewayAttachement",
template=template,
