def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) CfnVPC=aws_ec2.CfnVPC(self, 'CfnVPC', cidr_block='10.0.0.0/16', enable_dns_hostnames=True, enable_dns_support=True, instance_tenancy='default', tags=[core.CfnTag(key='Name',value='vpc')] ) core.CfnOutput(self, 'CfnVPCid', value=CfnVPC.ref, export_name='CfnVPCid') CfnSubnet=aws_ec2.CfnSubnet(self, 'CfnSubnet', cidr_block='10.0.0.0/24', vpc_id=CfnVPC.ref, availability_zone='ap-northeast-1a', tags=[core.CfnTag(key='Name',value='CfnSubnet')] ) core.CfnOutput(self, 'CfnSubnetid', value=CfnSubnet.ref, export_name='CfnSubnetid')
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # The code that defines your stack goes here # vpc network vpc = aws_ec2.CfnVPC(self, 'vpc', cidr_block='10.0.0.0/16', enable_dns_hostnames=True, enable_dns_support=True, instance_tenancy='default', tags=[core.CfnTag(key='Name',value='vpc')]) internetgateway = aws_ec2.CfnInternetGateway(self, 'internetgateway', tags=[core.CfnTag(key='Name',value='internetgateway')]) aws_ec2.CfnVPCGatewayAttachment(self, 'VPCGatewayAttachment', vpc_id=vpc.ref, internet_gateway_id=internetgateway.ref) # public network publicsubnet01 = aws_ec2.CfnSubnet(self, 'publicsubnet01', cidr_block='10.0.0.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1a', tags=[core.CfnTag(key='Name',value='publicsubnet01')]) publicsubnet02 = aws_ec2.CfnSubnet(self, 'publicsubnet02', cidr_block='10.0.1.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1c', tags=[core.CfnTag(key='Name',value='publicsubnet02')]) publicsubnet03 = aws_ec2.CfnSubnet(self, 'publicsubnet03', cidr_block='10.0.2.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1d', tags=[core.CfnTag(key='Name',value='publicsubnet03')]) publicroutetable01 = aws_ec2.CfnRouteTable(self, 'publicroutetable01', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='publicroutetable01')]) publicroutetable02 = aws_ec2.CfnRouteTable(self, 'publicroutetable02', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='publicroutetable02')]) publicroutetable03 = aws_ec2.CfnRouteTable(self, 'publicroutetable03', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='publicroutetable03')]) aws_ec2.CfnRoute(self, 'publicroute01', destination_cidr_block='0.0.0.0/0', gateway_id=internetgateway.ref, route_table_id=publicroutetable01.ref,) aws_ec2.CfnRoute(self, 'publicroute02', destination_cidr_block='0.0.0.0/0', gateway_id=internetgateway.ref, route_table_id=publicroutetable02.ref) aws_ec2.CfnRoute(self, 'publicroute03', destination_cidr_block='0.0.0.0/0', gateway_id=internetgateway.ref, route_table_id=publicroutetable03.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'publicsubnetroutetableassociation01', route_table_id=publicroutetable01.ref, subnet_id=publicsubnet01.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'publicsubnetroutetableassociation02', route_table_id=publicroutetable02.ref, subnet_id=publicsubnet02.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'publicsubnetroutetableassociation03', route_table_id=publicroutetable03.ref, subnet_id=publicsubnet03.ref) # private network privatesubnet01 = aws_ec2.CfnSubnet(self, 'privatesubnet01', cidr_block='10.0.11.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1a', tags=[core.CfnTag(key='Name',value='privatesubnet01')]) privatesubnet02 = aws_ec2.CfnSubnet(self, 'privatesubnet02', cidr_block='10.0.12.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1c', tags=[core.CfnTag(key='Name',value='privatesubnet02')]) privatesubnet03 = aws_ec2.CfnSubnet(self, 'privatesubnet03', cidr_block='10.0.13.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1d', tags=[core.CfnTag(key='Name',value='privatesubnet03')]) privateroutetable01 = aws_ec2.CfnRouteTable(self, 'privateroutetable01', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='privateroutetable01')]) privateroutetable02 = aws_ec2.CfnRouteTable(self, 'privateroutetable02', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='privateroutetable02')]) privateroutetable03 = aws_ec2.CfnRouteTable(self, 'privateroutetable03', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='privateroutetable03')]) aws_ec2.CfnSubnetRouteTableAssociation(self, 'privatesubnetroutetableassociation01', route_table_id=privateroutetable01.ref, subnet_id=privatesubnet01.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'privatesubnetroutetableassociation02', route_table_id=privateroutetable02.ref, subnet_id=privatesubnet02.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'privatesubnetroutetableassociation03', route_table_id=privateroutetable03.ref, subnet_id=privatesubnet03.ref) eip01 = aws_ec2.CfnEIP(self, 'eip01', tags=[core.CfnTag(key='Name',value='eip01')]) eip02 = aws_ec2.CfnEIP(self, 'eip02', tags=[core.CfnTag(key='Name',value='eip02')]) eip03 = aws_ec2.CfnEIP(self, 'eip03', tags=[core.CfnTag(key='Name',value='eip03')]) natgateway01 = aws_ec2.CfnNatGateway(self, 'natgateway01', allocation_id=eip01.attr_allocation_id, subnet_id=publicsubnet01.ref, tags=[core.CfnTag(key='Name',value='natgateway01')]) natgateway02 = aws_ec2.CfnNatGateway(self, 'natgateway02', allocation_id=eip02.attr_allocation_id, subnet_id=publicsubnet02.ref, tags=[core.CfnTag(key='Name',value='natgateway02')]) natgateway03 = aws_ec2.CfnNatGateway(self, 'natgateway03', allocation_id=eip03.attr_allocation_id, subnet_id=publicsubnet03.ref, tags=[core.CfnTag(key='Name',value='natgateway03')]) aws_ec2.CfnRoute(self, 'privateroute01', destination_cidr_block='0.0.0.0/0' ,nat_gateway_id=natgateway01.ref, route_table_id=privateroutetable01.ref) aws_ec2.CfnRoute(self, 'privateroute02', destination_cidr_block='0.0.0.0/0' ,nat_gateway_id=natgateway02.ref, route_table_id=privateroutetable02.ref) aws_ec2.CfnRoute(self, 'privateroute03', destination_cidr_block='0.0.0.0/0' ,nat_gateway_id=natgateway03.ref, route_table_id=privateroutetable03.ref) # isolate network isolatesubnet01 = aws_ec2.CfnSubnet(self, 'isolatesubnet01', cidr_block='10.0.21.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1a', tags=[core.CfnTag(key='Name',value='isolatesubnet01')]) isolatesubnet02 = aws_ec2.CfnSubnet(self, 'isolatesubnet02', cidr_block='10.0.22.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1c', tags=[core.CfnTag(key='Name',value='isolatesubnet02')]) isolatesubnet03 = aws_ec2.CfnSubnet(self, 'isolatesubnet03', cidr_block='10.0.23.0/24', vpc_id=vpc.ref, availability_zone='ap-northeast-1d', tags=[core.CfnTag(key='Name',value='isolatesubnet03')]) isolateroutetable01 = aws_ec2.CfnRouteTable(self, 'isolateroutetable01', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='isolateroutetable01')]) isolateroutetable02 = aws_ec2.CfnRouteTable(self, 'isolateroutetable02', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='isolateroutetable02')]) isolateroutetable03 = aws_ec2.CfnRouteTable(self, 'isolateroutetable03', vpc_id=vpc.ref, tags=[core.CfnTag(key='Name',value='isolateroutetable03')]) aws_ec2.CfnSubnetRouteTableAssociation(self, 'isolatesubnetroutetableassociation01', route_table_id=isolateroutetable01.ref, subnet_id=isolatesubnet01.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'isolatesubnetroutetableassociation02', route_table_id=isolateroutetable02.ref, subnet_id=isolatesubnet02.ref) aws_ec2.CfnSubnetRouteTableAssociation(self, 'isolatesubnetroutetableassociation03', route_table_id=isolateroutetable03.ref, subnet_id=isolatesubnet03.ref)
def __init__(self, scope: core.Construct, id: str, env, instance_id) -> None: super().__init__(scope, id, env=env) self.instance_id = instance_id # pelican.com ACM cert self.sel_cert_arn = "arn:aws:acm:us-east-2:111111111111:certificate/b8299bf5-ae3b-4f69-a696-f1d839428f5f" self.vpc = ec2.Vpc.from_vpc_attributes( self, "VPC", vpc_id='vpc-44a44b44', availability_zones=['us-east-2a', 'us-east-2c'], public_subnet_ids=['subnet-bbbbbbbb', 'subnet-cccccccc']) self.target = elbv2.InstanceTarget(instance_id=instance_id) self.lb = elbv2.CfnLoadBalancer( scope=self, id='LB', ip_address_type='ipv4', name='pelican-alb', security_groups=['sg-13a02c7a', 'sg-12a02c7b', 'sg-3bb23e52', 'sg-14a02c7d'], type='application', scheme='internet-facing', subnets=['subnet-bbbbbbbb', 'subnet-cccccccc'], tags=[core.CfnTag(key='env', value='dev')], load_balancer_attributes=[elbv2.CfnLoadBalancer.LoadBalancerAttributeProperty( key='idle_timeout.timeout_seconds', value='180' )] ) core.Tag.add(self.lb, key='cfn.single-env.stack', value='alb-stack') self.alb_dns = self.lb.attr_dns_name self.listener_443 = None
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id) self._id = id self._vpc_id = kwargs['vpc_id'] self._tags = kwargs['tags'] try: kwargs['tags'] except: self._tags_wk = None else: self._tags_wk = [ core.CfnTag(key=kwargs['tags'][i]['key'], value=kwargs['tags'][i]['value']) if kwargs['tags'] else None for i in range(len(kwargs['tags'])) ] self._internetgateway = aws_ec2.CfnInternetGateway(self, self._id, tags=self._tags_wk) aws_ec2.CfnVPCGatewayAttachment( self, 'VPCGatewayAttachment', vpc_id=self._vpc_id.ref, internet_gateway_id=self._internetgateway.ref, )
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id) self._id = id try: kwargs['cidr_block'] except: self._cidr_block = None else: self._cidr_block = kwargs['cidr_block'] try: kwargs['enable_dns_hostnames'] except: self._enable_dns_hostnames = None else: self._enable_dns_hostnames = kwargs['enable_dns_hostnames'] try: kwargs['enable_dns_support'] except: self._enable_dns_support = None else: self._enable_dns_support = kwargs['enable_dns_support'] try: kwargs['instance_tenancy'] except: self._instance_tenancy = None else: self._instance_tenancy = kwargs['instance_tenancy'] try: kwargs['tags'] except: self._tags_wk = None else: self._tags_wk = [core.CfnTag(key=kwargs['tags'][i]['key'] ,value=kwargs['tags'][i]['value']) if kwargs['tags'] else None for i in range(len(kwargs['tags']))] self._vpc = aws_ec2.CfnVPC(self, self._id, cidr_block = self._cidr_block, enable_dns_hostnames = self._enable_dns_hostnames, enable_dns_support = self._enable_dns_support, instance_tenancy = self._instance_tenancy, tags = self._tags_wk )
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # launchtemplate # https://aws.amazon.com/marketplace/pp/B00O7WM7QW ami-06a46da680048c8ae template01=aws_ec2.CfnLaunchTemplate(self, 'template01', launch_template_data={'imageId':'ami-06a46da680048c8ae', 'blockDeviceMappings':[{'deviceName':'/dev/sda1','ebs':{'deleteOnTermination':True, 'volumeSize':20, 'volumeType':'gp2'}}], 'securityGroupIds':[core.Fn.import_value('publicsecuritygroup01')], 'instanceType':'t3.micro'}, launch_template_name='public01') template02=aws_ec2.CfnLaunchTemplate(self, 'template02', launch_template_data={'imageId':'ami-06a46da680048c8ae', 'blockDeviceMappings':[{'deviceName':'/dev/sda1','ebs':{'deleteOnTermination':True, 'volumeSize':20, 'volumeType':'gp2'}}], 'securityGroupIds':[core.Fn.import_value('privatesecuritygroup01')], 'instanceType':'t3.micro'}, launch_template_name='private01') # public instance instance01=aws_ec2.CfnInstance(self, 'instance01', launch_template={'launchTemplateId': template01.ref, 'version': template01.attr_latest_version_number}, key_name='aws-example-key', subnet_id=core.Fn.import_value('publicsubnet01')) aws_ec2.CfnEIP(self, 'eip', domain='vpc', instance_id=instance01.ref, tags=[core.CfnTag(key='Name', value='eip01')]) # private instance aws_ec2.CfnInstance(self, 'instance02', launch_template={'launchTemplateId': template02.ref, 'version': template01.attr_latest_version_number}, key_name='aws-example-key', subnet_id=core.Fn.import_value('publicsubnet02'))
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id) self._id = id self._cidr_block = kwargs['cidr_block'] self._vpc_id = kwargs['vpc_id'] self._availability_zone = kwargs['availability_zone'] try: kwargs['tags'] except: self._tags_wk = None else: self._tags_wk = [ core.CfnTag(key=kwargs['tags'][i]['key'], value=kwargs['tags'][i]['value']) if kwargs['tags'] else None for i in range(len(kwargs['tags'])) ] self._subnet = aws_ec2.CfnSubnet( self, self._id, cidr_block=self._cidr_block, vpc_id=self._vpc_id.ref, availability_zone=self._availability_zone, tags=self._tags_wk)
def create_privagte_route_table( scope: core.Construct, vpc: aws_ec2.CfnVPC, nat_gateway: aws_ec2.CfnNatGateway) -> aws_ec2.CfnRouteTable: prefix = scope.node.try_get_context("prefix") az_name = [ tag['value'] for tag in nat_gateway.tags.render_tags() if tag['key'] == 'Name' ].pop() az_end = az_name[-2:] route_table = aws_ec2.CfnRouteTable( scope, f'{prefix}-route-table-nat-{az_end}', vpc_id=vpc.ref, tags=[core.CfnTag( key='Name', value=f'{prefix}-route-table-nat', )], ) aws_ec2.CfnRoute( scope, f'{prefix}-route-nat-{az_end}', route_table_id=route_table.ref, destination_cidr_block='0.0.0.0/0', nat_gateway_id=nat_gateway.ref, ) return route_table
def __init__(self, scope:core.Construct, id:str, landing_zone:LandingZone, peers:List[LandingZone], amazon_asn:int, **kwargs): """ Configure the Transit Gateways """ super().__init__(scope,id, **kwargs) self.landing_zone = landing_zone self.peers = peers self.gateway = ec2.CfnTransitGateway(self,'TransitGateway', amazon_side_asn=amazon_asn, auto_accept_shared_attachments='enable', default_route_table_association='enable', default_route_table_propagation='enable', description='HomeNet TransitGateway', dns_support='enable', vpn_ecmp_support='enable', tags=[ core.CfnTag(key='Name',value='HomeNet/TGW') ]) entries = [] for peer in peers: if peer == landing_zone: continue entries.append(ec2.CfnPrefixList.EntryProperty(cidr=peer.cidr_block,description=peer.zone_name)) ec2.CfnPrefixList(self,'PeerPrefix', address_family='IPv4', entries= entries, max_entries=100, prefix_list_name='nbachmei.homenet.tgw-peers', tags=[core.CfnTag(key='Name',value='HomeNet TGW Prefixes')]) ec2.CfnTransitGatewayAttachment(self,'VpcAttachment', subnet_ids= landing_zone.vpc.select_subnets(subnet_group_name='TGW').subnet_ids, transit_gateway_id= self.gateway.ref, vpc_id= landing_zone.vpc.vpc_id, tags=[core.CfnTag(key='Name',value='HomeNet')]) ssm.CfnParameter(self,'RegionalGatewayParameter', name='/homenet/{}/transit-gateway/gateway-id'.format(landing_zone.region), value=self.gateway.ref, type='String') self.__add_peers()
def __init__(self, scope: core.Construct, id: str, nw_stack: core.Stack, **kwargs) -> None: super().__init__(scope, id, **kwargs) tgwRt = _ec2.CfnTransitGatewayRouteTable( self, id='TgwRt', transit_gateway_id=nw_stack.tgw.ref, tags=[core.CfnTag(key='Name', value='TGW-Nat-Rt')]) _ec2.CfnTransitGatewayRouteTablePropagation( self, id='tgw-natvpc-propagation', transit_gateway_route_table_id=tgwRt.ref, transit_gateway_attachment_id=nw_stack.tgw_nat_attachment.ref) _ec2.CfnTransitGatewayRouteTableAssociation( self, id='tgw-natvpc-rt-association', transit_gateway_route_table_id=tgwRt.ref, transit_gateway_attachment_id=nw_stack.tgw_nat_attachment.ref) _ec2.CfnTransitGatewayRouteTablePropagation( self, id='tgw-appvpc-propagation', transit_gateway_route_table_id=tgwRt.ref, transit_gateway_attachment_id=nw_stack.tgw_app_attachment.ref) _ec2.CfnTransitGatewayRouteTableAssociation( self, id='tgw-appvpc-rt-association', transit_gateway_route_table_id=tgwRt.ref, transit_gateway_attachment_id=nw_stack.tgw_app_attachment.ref) # TGW Routing # All traffic is routed to NAT GW VPC _ec2.CfnTransitGatewayRoute( self, id='tgw-nat-route', transit_gateway_route_table_id=tgwRt.ref, destination_cidr_block='0.0.0.0/0', transit_gateway_attachment_id=nw_stack.tgw_nat_attachment.ref) for subnet in nw_stack.app_vpc.isolated_subnets: _ec2.CfnRoute(self, id='app-vpc-route-all-tgw', route_table_id=subnet.route_table.route_table_id, destination_cidr_block='0.0.0.0/0', transit_gateway_id=nw_stack.tgw.ref) for subnet in nw_stack.nat_vpc.public_subnets: _ec2.CfnRoute( self, id='nat-vpc-route-to-app', route_table_id=subnet.route_table.route_table_id, destination_cidr_block=nw_stack.app_vpc.vpc_cidr_block, transit_gateway_id=nw_stack.tgw.ref)
def create_subnets(self) -> None: netwk = ipaddress.ip_network(self.vpc.cidr_block) cidrs = list(netwk.subnets(new_prefix=self.cidr_mask)) cidrs.reverse() az_name = self._azs vpc_id = [ tag['value'] for tag in self.vpc.tags.render_tags() if tag['key'] == 'Name' ].pop() for layer in range(self.reserved_layers): for az_number in range(self.reserved_azs): current = [layer, az_number] cidr = str(cidrs.pop()) if current in self.desired_subnet_points: az_end = az_name[az_number][-2:] subnet_type = "private" if self.private_enabled and layer > 0 else "public" subnet = aws_ec2.CfnSubnet( self.scope, f'{vpc_id}-{subnet_type}-{az_end}', cidr_block=cidr, vpc_id=self.vpc.ref, availability_zone=az_name[az_number], tags=[ core.CfnTag( key='Name', value=f'{vpc_id}-{subnet_type}-{az_end}', ), core.CfnTag( key='Layer', value=f'{layer}', ), core.CfnTag( key='AZNumber', value=f'{az_number}', ), ], ) if self.private_enabled and layer > 0: self._private_subnets.append(subnet) else: self._public_subnets.append(subnet)
def __init__(self, scope: core.Construct, id: str, vpc_id1: str, vpc_id2: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) tag = core.CfnTag(key='Name', value=vpc_id1 + vpc_id2) self.vpc_peer = VPCPeeringConnection(self, 'vpc_peering_connection', vpc_id=vpc_id1, peer_vpc_id=vpc_id2, tags=[tag]) self.vpc_peer_ref = self.vpc_peer.ref
def create_internet_gateway(self): # インターネットゲートウェイ internet_gateway = _ec2.CfnInternetGateway( self, 'CfnInternetGateway', tags=[core.CfnTag( key='Name', value='DEMO-IGW', )]) return internet_gateway
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # def __init__(self, scope: core.Construct, id: str, cidr_range: str, tgw_asn: int, **kwargs) -> None: # super().__init__(scope, id, **kwargs) this_dir = path.dirname(__file__) # VPC Creation self.vpc = ec2.Vpc( self, "TransitVPC", max_azs=1, cidr="172.16.0.0/24", # configuration will create 1 subnet in a single AZ. subnet_configuration=[ ec2.SubnetConfiguration(subnet_type=ec2.SubnetType.ISOLATED, name="Isolated", cidr_mask=25) ]) # Transit Gateway creation self.tgw = ec2.CfnTransitGateway( self, id="TGW-USe1", amazon_side_asn=64512, auto_accept_shared_attachments="enable", default_route_table_association="enable", default_route_table_propagation="enable", tags=[core.CfnTag(key='Name', value="tgw-us-east-1")]) # Transit Gateway attachment to the VPC self.tgw_attachment = ec2.CfnTransitGatewayAttachment( self, id="TGW-Attachment", transit_gateway_id=self.tgw.ref, vpc_id=self.vpc.vpc_id, subnet_ids=[ subnet.subnet_id for subnet in self.vpc.isolated_subnets ], tags=[ core.CfnTag(key='Name', value=f"tgw-{self.vpc.vpc_id}-attachment") ])
def create_vpc(self): # VPC vpc = _ec2.CfnVPC(self, 'CfnVPC', cidr_block='10.5.5.0/24', enable_dns_hostnames=True, enable_dns_support=True, tags=[core.CfnTag( key='Name', value='DEMO-VPC', )]) return vpc
def create_subnet(self, vpc, subnet_name, cidr_block, availability_zone): subnet = _ec2.CfnSubnet( self, subnet_name, vpc_id=vpc.ref, cidr_block=cidr_block, availability_zone=availability_zone, tags=[core.CfnTag( key='Name', value=subnet_name, )]) return subnet
def create_vpc(scope: core.Construct, id: str) -> aws_ec2.CfnVPC: vpc = aws_ec2.CfnVPC( scope, f'{scope.node.try_get_context("prefix")}-vpc', cidr_block=scope.node.try_get_context("vpc_cidr"), enable_dns_hostnames=True, enable_dns_support=True, tags=[ core.CfnTag(key='Name', value=f'{scope.node.try_get_context("prefix")}') ]) return vpc
def create_elastic_ip(self, internet_gateway_attachment): # EIP1 (for NATGW) elastic_ip = _ec2.CfnEIP( self, 'CfnEIP', domain="vpc", tags=[core.CfnTag( key='Name', value='DEMO-EIP', )]) elastic_ip.add_depends_on(internet_gateway_attachment) return elastic_ip
def create_nat_gateway(self, subnet_dictionary, elastic_ip): # NatGateway nat_gateway = _ec2.CfnNatGateway( self, 'CfnNatGateway', allocation_id=elastic_ip.attr_allocation_id, subnet_id=subnet_dictionary.get('DEMO-PUBLIC-SUBNET-A').ref, tags=[core.CfnTag( key='Name', value='DEMO-NAT-GATEWAY', )]) return nat_gateway
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) self.gateway = ec2.CfnTransitGateway( self, 'TransitGateway', amazon_side_asn=64512, auto_accept_shared_attachments='enable', default_route_table_association='enable', default_route_table_propagation='enable', description='HomeNet TransitGateway', dns_support='enable', vpn_ecmp_support='enable', tags=[core.CfnTag(key='Name', value='HomeNet/TGW')])
def __init__(self, scope: core.Construct, id: str, landing_zone: IVpcLandingZone, ds: DirectoryServicesConstruct, subnet_group_name: str = 'Default', **kwargs) -> None: super().__init__(scope, id, **kwargs) core.Tags.of(self).add(key='Source', value=NetworkFileSystemsConstruct.__name__) subnet_ids = landing_zone.vpc.select_subnets( subnet_group_name=subnet_group_name).subnet_ids single_subnet = subnet_ids[0:1] preferred_subnet_id = single_subnet[0] self.windows_storage = fsx.CfnFileSystem( self, 'WinFs', subnet_ids=single_subnet, file_system_type='WINDOWS', security_group_ids=[landing_zone.security_group.security_group_id], # HDD min = 2TB / SSD = 32 storage_type='SSD', storage_capacity=500, tags=[ core.CfnTag(key='Name', value='winfs.virtual.world'), ], windows_configuration=fsx.CfnFileSystem. WindowsConfigurationProperty( weekly_maintenance_start_time='1:11:00', # Mon 6AM (UTC-5) # 2^n MiB/s with n between 8 and 2048 throughput_capacity=16, active_directory_id=ds.mad.ref, automatic_backup_retention_days=30, copy_tags_to_backups=True, deployment_type='SINGLE_AZ_2', # MULTI_AZ_1, preferred_subnet_id=preferred_subnet_id)) self.app_data = efs.FileSystem( self, 'AppData', vpc=landing_zone.vpc, enable_automatic_backups=True, file_system_name='app-data.efs.virtual.world', security_group=landing_zone.security_group, vpc_subnets=ec2.SubnetSelection( subnet_group_name=subnet_group_name), lifecycle_policy=efs.LifecyclePolicy.AFTER_14_DAYS, removal_policy=core.RemovalPolicy.SNAPSHOT)
def create_internet_gateway(scope: core.Construct, vpc: aws_ec2.CfnVPC) -> aws_ec2.CfnInternetGateway: internet_gateway = aws_ec2.CfnInternetGateway(scope, 'InternetGateway', tags=[core.CfnTag( key='Name', value='InternetGateway', )] ) aws_ec2.CfnVPCGatewayAttachment(scope, 'VPCGatewayAttachment', vpc_id=vpc.ref, internet_gateway_id=internet_gateway.ref, ) return internet_gateway
def create_public_route_table(self, vpc, internet_gateway): # RouteTable of PublicSubnet route_table_public = _ec2.CfnRouteTable( self, 'CfnRouteTablePublic', vpc_id=vpc.ref, tags=[ core.CfnTag(key="Name", value='DEMO-ROUTE-TABLE-PUBLIC'), ]) _ec2.CfnRoute(self, 'CfnRoutePublic', route_table_id=route_table_public.ref, destination_cidr_block="0.0.0.0/0", gateway_id=internet_gateway.ref) return route_table_public
def create_private_route_table(self, vpc, nat_gateway): # RouteTable of PrivateSubnet route_table_private = _ec2.CfnRouteTable( self, 'CfnRouteTablePrivate', vpc_id=vpc.ref, tags=[ core.CfnTag(key="Name", value='DEMO-ROUTE-TABLE-PRIVATE'), ]) _ec2.CfnRoute(self, 'CfnRoutePrivate', route_table_id=route_table_private.ref, destination_cidr_block="0.0.0.0/0", nat_gateway_id=nat_gateway.ref) return route_table_private
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id) self._id = id try: kwargs['tags'] except: self._tags_wk = None else: self._tags_wk = [ core.CfnTag(key=kwargs['tags'][i]['key'], value=kwargs['tags'][i]['value']) if kwargs['tags'] else None for i in range(len(kwargs['tags'])) ] self._eip = aws_ec2.CfnEIP(self, self._id, tags=self._tags_wk)
def create_nat_gateway(scope: core.Construct, vpc: aws_ec2.CfnVPC, subnet: aws_ec2.CfnSubnet) -> aws_ec2.CfnNatGateway: prefix = scope.node.try_get_context("prefix") az_end = subnet.availability_zone[-2:] eip = aws_ec2.CfnEIP(scope, f'{prefix}-eip-{az_end}') nat_gateway = aws_ec2.CfnNatGateway( scope, f'{prefix}-nat-{az_end}', allocation_id=eip.attr_allocation_id, subnet_id=subnet.ref, tags=[core.CfnTag( key='Name', value=f'{prefix}-nat-{az_end}', )], ) return nat_gateway
def create_vpc(scope: core.Construct, id: str, *, cidr_block='10.0.0.0/16', enable_dns_hostnames=True, enable_dns_support=True, instance_tenancy='default', tags='vpc01') -> aws_ec2.CfnVPC: vpc = aws_ec2.CfnVPC(scope, 'vpc', cidr_block=cidr_block, enable_dns_hostnames=enable_dns_hostnames, enable_dns_support=enable_dns_support, tags=[core.CfnTag( key='Name', value=tags, )] ) return vpc
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id) self._id = id self._routetable_id = kwargs['routetable_id'] self._internetgateway_id = kwargs['internetgateway_id'] try: kwargs['tags'] except: self._tags_wk = None else: self._tags_wk = [core.CfnTag(key=kwargs['tags'][i]['key'] ,value=kwargs['tags'][i]['value']) if kwargs['tags'] else None for i in range(len(kwargs['tags']))] self._internetgateway_id = kwargs['internetgateway_id'] self._route = aws_ec2.CfnRoute(self, self._id, gateway_id=self._internetgateway_id.ref, destination_cidr_block='0.0.0.0/0', route_table_id=self._routetable_id.ref )
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None: super().__init__(scope, id, **kwargs) # Create the VPC vpc = ec2.Vpc(self, "VPC", max_azs=1, cidr='10.0.0.0/16', subnet_configuration=[ { 'cidrMask': 24, 'name': 'Ingress', 'subnetType': ec2.SubnetType.PUBLIC, }, { 'cidrMask': 24, 'name': 'Application', 'subnetType': ec2.SubnetType.PRIVATE, } ] ) publicsubnet = vpc.public_subnets[0].subnet_id privatesubnet = vpc.private_subnets[0].subnet_id publicinstancetags = [ core.CfnTag(key="Name", value="MyPublicLabHost"), core.CfnTag(key="Project", value="lab"), core.CfnTag(key="CostCenter", value="1520") ] privateinstancetags = [ core.CfnTag(key="Name", value="MyPrivateLabHost"), core.CfnTag(key="Project", value="lab"), core.CfnTag(key="CostCenter", value="1520") ] mypublicinstance = ec2.CfnInstance(self, 'MyPublicLabHost', instance_type='t3.nano', subnet_id=publicsubnet, image_id=ec2.AmazonLinuxImage().get_image(self).image_id, tags=publicinstancetags) myprivateinstance = ec2.CfnInstance(self, 'MyPrivateLabHost', instance_type='t3.nano', subnet_id=privatesubnet, image_id=ec2.AmazonLinuxImage().get_image(self).image_id, tags=privateinstancetags) iid = mypublicinstance.ref eip = ec2.CfnEIP(self,'MyLabEip',domain='vpc',instance_id=iid)
def create_internet_gateway(scope: core.Construct, vpc: aws_ec2.CfnVPC) -> aws_ec2.CfnInternetGateway: prefix = scope.node.try_get_context("prefix") internet_gateway = aws_ec2.CfnInternetGateway( scope, f'{prefix}-igw', tags=[core.CfnTag( key='Name', value=f'{prefix}-igw', )]) aws_ec2.CfnVPCGatewayAttachment( scope, f'{prefix}-vpc-gateway-attachment', vpc_id=vpc.ref, internet_gateway_id=internet_gateway.ref, ) return internet_gateway