def _add_subnets(self): public_key = "PubSubnet" private_key = "PrivSubnet" for i, key in enumerate( [p for p in self.parameters if p.startswith(public_key)]): name = public_key + str(i + 1) self.public_subnets[name] = Subnet( name, CidrBlock=Ref(self.parameters[key]), VpcId=Ref(self.parameters['VpcId']), AvailabilityZone=Ref(self.parameters['Az' + str(i + 1)]), MapPublicIpOnLaunch=True, Tags=Tags(Name=Join('-', [ Ref(self.parameters['StackPrefix']), "pub", Ref(self.parameters['Az' + str(i + 1)]) ])), ) self.template.add_resource(self.public_subnets[name]) for i, key in enumerate( [p for p in self.parameters if p.startswith(private_key)]): name = private_key + str(i + 1) self.private_subnets[name] = Subnet( name, CidrBlock=Ref(self.parameters[key]), VpcId=Ref(self.parameters['VpcId']), AvailabilityZone=Ref(self.parameters['Az' + str(i + 1)]), MapPublicIpOnLaunch=True, Tags=Tags(Name=Join('-', [ Ref(self.parameters['StackPrefix']), "priv", Ref(self.parameters['Az' + str(i + 1)]) ])), ) self.template.add_resource(self.private_subnets[name])
def create_vpc_template(): template = Template() vpc_cidr = template.add_parameter(parameter=Parameter( title='VpcCidr', Type='String', Default='192.168.0.0/16')) subnet_cidr_a = template.add_parameter(parameter=Parameter( title='SubnetCidr1', Type='String', Default='192.168.1.0/24')) subnet_cidr_b = template.add_parameter(parameter=Parameter( title='SubnetCidr2', Type='String', Default='192.168.2.0/24')) vpc = template.add_resource(resource=VPC( title='SampleVpc', CidrBlock=Ref(vpc_cidr), EnableDnsHostnames=True)) igw = template.add_resource(resource=InternetGateway(title='SampleIgw')) template.add_resource(resource=VPCGatewayAttachment( title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw))) subnet_a = template.add_resource( resource=Subnet(title='SampleSubnetA', AvailabilityZone='us-east-1a', CidrBlock=Ref(subnet_cidr_a), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) subnet_b = template.add_resource( resource=Subnet(title='SampleSubnetB', AvailabilityZone='us-east-1b', CidrBlock=Ref(subnet_cidr_b), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) route_table = template.add_resource( resource=RouteTable(title='SampleRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SampleRoteTableAssociationA', RouteTableId=Ref(route_table), SubnetId=Ref(subnet_a))) template.add_resource(resource=SubnetRouteTableAssociation( title='SampleRoteTableAssociationB', RouteTableId=Ref(route_table), SubnetId=Ref(subnet_b))) template.add_resource(resource=Route(title='SampleRoute', DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(igw), RouteTableId=Ref(route_table))) with open('./vpc.yml', mode='w') as file: file.write(template.to_yaml())
def __build_subnet(self, subnet_config: SubnetConfig, vpc: VPC): subnet = Subnet( subnet_config.name, CidrBlock=subnet_config.cidr, VpcId=Ref(vpc), MapPublicIpOnLaunch=subnet_config.map_public_ip_on_launch, Tags=subnet_config.tags(), ) if subnet_config.availability_zone: subnet.AvailabilityZone = subnet_config.availability_zone self.__template.add_resource(subnet) self.__template.add_output(Output(subnet_config.name + "Id", Value=Ref(subnet))) return subnet
def __build_subnet(self, subnet_config: SubnetConfig, vpc: VPC): subnet = Subnet( subnet_config.name, CidrBlock=subnet_config.cidr, VpcId=Ref(vpc), MapPublicIpOnLaunch=subnet_config.map_public_ip_on_launch, Tags=subnet_config.tags(), ) if subnet_config.availability_zone: subnet.AvailabilityZone = subnet_config.availability_zone self.__template.add_resource(subnet) self.__template.add_output( Output(subnet_config.name + "Id", Value=Ref(subnet))) return subnet
def _add_subnet_to_az(self, az, cidr, suffix): subnet = self.add_resource(Subnet( "%sSubnet%s" % (self.name, suffix), VpcId=self.vpc_id, AvailabilityZone=az, CidrBlock=cidr, Tags=Tags( Name=Join("", [Ref("AWS::StackName"), "-public"]), ) )) route_tbl = self.add_resource(RouteTable( "%sRouteTable%s" % (self.name, suffix), VpcId=self.vpc_id, Tags=Tags(Name=Join("", [Ref("AWS::StackName"), "-public"])) )) route = self.add_resource(Route( "%sRoute%s" % (self.name, suffix), GatewayId=self.igw, DestinationCidrBlock="0.0.0.0/0", RouteTableId=Ref(route_tbl), )) subnet_route_tbl_assoc = self.add_resource(SubnetRouteTableAssociation( "%sSubnetRouteAssoc%s" % (self.name, suffix), SubnetId=Ref(subnet), RouteTableId=Ref(route_tbl), )) return subnet
def __build_subnet(self, subnet_config: SubnetConfig, vpc: VPC, additional_vpc_cidr_blocks: VPCCidrBlock): if not subnet_config.cidr: cidr = Ref( self.__template.add_parameter( Parameter( f"{subnet_config.name}CIDR", Description=f"The CIDR of the {subnet_config.name}", Type="String", AllowedPattern=r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/(1[6-9]|2[0-9]|3[0-2])$", ) ) ) else: cidr = subnet_config.cidr subnet = Subnet( subnet_config.name, CidrBlock=cidr, VpcId=Ref(vpc), MapPublicIpOnLaunch=subnet_config.map_public_ip_on_launch, Tags=subnet_config.tags(), AvailabilityZone=subnet_config.availability_zone or self.__availability_zone, DependsOn=additional_vpc_cidr_blocks, ) self.__template.add_resource(subnet) self.__template.add_output(Output(subnet_config.name + "SubnetId", Value=Ref(subnet))) return subnet
def __create_dmz_subnet(template: Template, vpc, public_subnet): dmz_subnet_cidr = template.add_parameter(parameter=Parameter( title='DmzSubnetCidr', Type='String', Default='192.168.3.0/24')) dmz_subnet = template.add_resource( resource=Subnet(title='SampleDmzSubnet', CidrBlock=Ref(dmz_subnet_cidr), VpcId=Ref(vpc))) dmz_route_table = template.add_resource( resource=RouteTable(title='SampleDmzRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SampleDmzRoteTableAssociation', RouteTableId=Ref(dmz_route_table), SubnetId=Ref(dmz_subnet))) eip = template.add_resource(resource=EIP(title='SampleEip', )) ngw = template.add_resource( resource=NatGateway(title='SampleNatGateway', AllocationId=GetAtt(eip, "AllocationId"), SubnetId=Ref(public_subnet))) template.add_resource(resource=Route(title='SampleDmzRoute', DestinationCidrBlock='0.0.0.0/0', NatGatewayId=Ref(ngw), RouteTableId=Ref(dmz_route_table)))
def add_public_subnet_c(self): self.public_subnet_c = self.template.add_resource(Subnet( 'PublicSubnetC', CidrBlock=self.sceptre_user_data["public_subnet_c"], MapPublicIpOnLaunch=True, VpcId=Ref(self.vpc), ))
def __create_public_subnet(template: Template, vpc) -> Subnet: public_subnet_cidr = template.add_parameter(parameter=Parameter( title='PublicSubnetCidr', Type='String', Default='192.168.1.0/24')) igw = template.add_resource(resource=InternetGateway(title='SampleIgw')) template.add_resource(resource=VPCGatewayAttachment( title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw))) public_subnet = template.add_resource( resource=Subnet(title='SamplePublicSubnet', CidrBlock=Ref(public_subnet_cidr), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) public_route_table = template.add_resource( resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePublicRoteTableAssociation', RouteTableId=Ref(public_route_table), SubnetId=Ref(public_subnet))) template.add_resource(resource=Route(title='SamplePublicRoute', DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(igw), RouteTableId=Ref(public_route_table))) return public_subnet
def add_subnet(self, name, availability_zone, cidr_block, routing_table_name, vpc_name): """ Create a subnet :param name: Name fo the subnet :param availability_zone: AZ to deploy into :param cidr_block: CIDR block :param routing_table_name: Name of routing table :param vpc_name: Name of VPC """ if isinstance(vpc_name, Ref): vpc = vpc_name else: vpc = Ref(vpc_name) self.template.add_resource( Subnet( name, AvailabilityZone=availability_zone, CidrBlock=cidr_block, VpcId=vpc, )) self.template.add_resource( SubnetRouteTableAssociation( "SubnetRouteTableAssociation{}".format(name), SubnetId=Ref(name), RouteTableId=Ref(routing_table_name), ))
def create_private_subnet(self, zone, ip_network): """Create private subnet and associated resources""" if not 'Public' in self.network['Subnets'][zone]: raise Exception(("Public subnet in {} does not exist to " "create private subnet!").format(zone)) elif not 'NatGateway' in self.network['Subnets'][zone]['Public']: raise Exception( ("No NAT Gateway in public subnet {} to associate " "default route with in private subnet!").format(zone)) zone_title = self.data['Title'] + TITLE_CLEANUP_RE.subn('', zone)[0] tag = Tag(Key='Name', Value='{} {} Private'.format(self.data['Name'], zone)) subnet = Subnet(title=zone_title + 'Private', template=self.data['Template'], AvailabilityZone=zone, CidrBlock=ip_network, MapPublicIpOnLaunch=False, Tags=[tag] + self.data['Tags'], VpcId=Ref(self.network['VPC'])) tag = Tag(Key='Name', Value='{} {} Private Route Table'.format( self.data['Name'], zone)) routetable = RouteTable(title=zone_title + 'PrivateRouteTable', template=self.data['Template'], VpcId=Ref(self.network['VPC']), Tags=[tag] + self.data['Tags']) nat_gateway_id = Ref( self.network['Subnets'][zone]['Public']['NatGateway']) route = Route(title=zone_title + 'PrivateDefaultRoute', template=self.data['Template'], DestinationCidrBlock='0.0.0.0/0', NatGatewayId=nat_gateway_id, RouteTableId=Ref(routetable)) subnetroutetableassociation = SubnetRouteTableAssociation( title=zone_title + 'PrivateSubnetRouteTableAssociation', template=self.data['Template'], RouteTableId=Ref(routetable), SubnetId=Ref(subnet)) self.network['Subnets'][zone]['Private'] = {} self.network['Subnets'][zone]['Private']['Subnet'] = subnet self.network['Subnets'][zone]['Private']['RouteTable'] = routetable self.network['Subnets'][zone]['Private']['DefaultRoute'] = route self.network['Subnets'][zone]['Private'][ 'SubnetRouteTableAssociation'] = subnetroutetableassociation # Export Private Subnet ID self.add_output( title=self.data['Title'] + zone_title + 'PrivateSubnet', description="Private Subnet ID of {} in {}".format( self.data['Name'], zone), value=Ref(subnet), export=Sub('${{AWS::StackName}}{}PrivateSubnet'.format(zone))) # Export Private Route Table ID self.add_output( title=self.data['Title'] + zone_title + 'PrivateRouteTable', description="Private Route Table ID of {} in {}".format( self.data['Name'], zone), value=Ref(routetable), export=Sub('${{AWS::StackName}}{}PrivateRouteTable'.format(zone)))
def create_subnet(self, subnet_name, cidr_block, vpc_name, availability_zone): t = self.template t.add_resource( Subnet(subnet_name, CidrBlock=cidr_block, VpcId=Ref(vpc_name), AvailabilityZone=availability_zone))
def add_private_net(self): self.private_net = self.template.add_resource( Subnet( 'PrivateSubnet', CidrBlock=self.sceptre_user_data["private_subnet"], MapPublicIpOnLaunch=False, VpcId=Ref(self.vpc), ))
def add_public_net(self): self.public_net = self.template.add_resource( Subnet( 'PublicSubnet', CidrBlock=self.sceptre_user_data["public_subnet"], MapPublicIpOnLaunch=True, VpcId=Ref("VPC"), ))
def build_subnet(self, t, name, az, cidr): subnet = t.add_resource( Subnet(name.replace('-', ''), VpcId=Ref(self.vpc), AvailabilityZone=az, CidrBlock=cidr, Tags=self.DEFAULT_TAGS + [Tag('Name', name)])) return subnet
def add_subnet( template, key, cidr_block, vpc, name='' ): return template.add_resource( Subnet( key, VpcId = Ref( vpc ), CidrBlock = cidr_block, Tags = Tags( Name=name ) ) )
def add_private_subnet2(self): ''' Add a private subnet 2 ''' self.cfn_template.add_resource( Subnet(title=constants.PRIV_SUBNET2, VpcId=Ref(constants.VPC), CidrBlock=Ref('PrivateSubnet2CIDRBlock'), AvailabilityZone=Select('1', GetAZs()))) return self.cfn_template
def create_template(): template = Template() vpc = template.add_parameter( parameter=Parameter(title='Vpc', Type='String')) key_name = template.add_parameter( parameter=Parameter(title='KeyName', Type='String')) subnet_a = template.add_resource( resource=Subnet(title='SampleSubnetA', AvailabilityZone='us-east-1a', CidrBlock='192.168.10.0/24', MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) template.add_resource(resource=Subnet(title='SampleSubnetB', AvailabilityZone='us-east-1b', CidrBlock='192.168.11.0/24', MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) security_group = template.add_resource( resource=SecurityGroup(title='SampleSecurityGroup', GroupDescription='sample', VpcId=Ref(vpc), SecurityGroupIngress=[{ 'IpProtocol': 'tcp', 'FromPort': 80, 'ToPort': 80, 'CidrIp': '0.0.0.0/0', }])) template.add_resource(resource=Instance( title='SampleEc2Instance', SubnetId=Ref(subnet_a), SecurityGroupIds=[Ref(security_group)], InstanceType='t2.micro', ImageId='ami-0e2ff28bfb72a4e45', KeyName=Ref(key_name), )) with open('./driver.yml', mode='w') as file: file.write(template.to_yaml())
def _create_public_network(self, subnet_configs): public_route_table = RouteTable( camelcase("{self.env}Public".format(**locals())), VpcId=Ref(self.vpc), Tags=[ { 'Key': 'Name', 'Value': "{self.env}-public".format(**locals()) }, {'Key': 'environment', 'Value': self.env} ], DependsOn=self.vpc.title) self.template.add_resource(public_route_table) subnet_count = 0 existing_subnet_ids, existing_subnet_azs, az_balance = self._get_existing_subnet_info("PublicSubnet") for subnet_title, subnet_config in subnet_configs.items(): subnet_count += 1 if f"PublicSubnet{subnet_count}" in existing_subnet_ids: availability_zone = existing_subnet_azs[existing_subnet_ids[f"PublicSubnet{subnet_count}"]] else: availability_zone = min(az_balance, key=az_balance.get) subnet_title = camelcase("{self.env}Public".format(**locals())) + \ pascalcase(re.sub('[^a-zA-Z0-9*]', '', subnet_title)) subnet_name = "{self.env}-public-{subnet_count}".format(**locals()) subnet = Subnet( subnet_title, AvailabilityZone=availability_zone, CidrBlock=subnet_config['cidr'], VpcId=Ref(self.vpc), MapPublicIpOnLaunch=True, Tags=[ {'Key': 'Name', 'Value': subnet_name}, {'Key': 'environment', 'Value': self.env} ] ) self.public_subnets.append(subnet) self.template.add_resource(subnet) subnet_route_table_association = SubnetRouteTableAssociation( camelcase("{self.env}PublicSubnet{subnet_count}Assoc".format(**locals())), RouteTableId=Ref(public_route_table), SubnetId=Ref(subnet) ) self.template.add_resource(subnet_route_table_association) internet_gateway_route = Route( camelcase("{self.env}IgRoute".format(**locals())), DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(self.internet_gateway), RouteTableId=Ref(public_route_table) ) self.template.add_resource(internet_gateway_route) return None
def add_public_subnet2(self): ''' Add a public subnet 2 ''' self.cfn_template.add_resource( Subnet(title=constants.PUB_SUBNET2, VpcId=Ref(constants.VPC), CidrBlock=Ref('PublicSubnet2CIDRBlock'), MapPublicIpOnLaunch="true", AvailabilityZone=Select('1', GetAZs()))) return self.cfn_template
def create_subnet(_subnet_title, _vpcid=None, _availability_zone=None, _map_public_ip_on_launch=False, _subnet_cidr=None): _sbnet = Subnet(title=_subnet_title, CidrBlock=_subnet_cidr, VpcId=_vpcid, AvailabilityZone=_availability_zone, MapPublicIpOnLaunch=_map_public_ip_on_launch) return _sbnet
def add_storage_subnets(template, vpc, az_index, layers): """ Function to add storage subnets inside the VPC :param layers: VPC layers :type layers: dict :param template: VPC Template() :type template: troposphere.Template :param vpc: Vpc() for Ref() :type vpc: troposphere.ec2.Vpc :param az_index: List of AZ Index (a,b,c..) :type az_index: list :returns: tuple() list of rtb, list of subnets """ rtb = RouteTable( "StorageRtb", template=template, VpcId=Ref(vpc), Tags=Tags(Name="StorageRtb") + Tags({f"vpc{DELIM}usage": "storage"}), Metadata=metadata, ) subnets = [] for index, subnet_cidr in zip(az_index, layers["stor"]): subnet = Subnet( f"StorageSubnet{index.upper()}", template=template, CidrBlock=subnet_cidr, VpcId=Ref(vpc), AvailabilityZone=Sub(f"${{AWS::Region}}{index}"), Tags=Tags( Name=If( USE_STACK_NAME_CON_T, Sub(f"${{AWS::StackName}}-Storage-{index}"), Sub(f"${{{ROOT_STACK_NAME_T}}}-Storage-{index}"), ), ) + Tags({f"vpc{DELIM}usage": "storage", f"vpc{DELIM}vpc-id": Ref(vpc)}), Metadata=metadata, ) SubnetRouteTableAssociation( f"StorageSubnetAssoc{index.upper()}", template=template, SubnetId=Ref(subnet), RouteTableId=Ref(rtb), Metadata=metadata, ) subnets.append(subnet) return [rtb], subnets
def __create_private_subnet(template: Template, vpc): private_subnet_cidr = template.add_parameter(parameter=Parameter( title='PrivateSubnetCidr', Type='String', Default='192.168.2.0/24')) private_subnet = template.add_resource( resource=Subnet(title='SamplePrivateSubnet', CidrBlock=Ref(private_subnet_cidr), VpcId=Ref(vpc))) private_route_table = template.add_resource( resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePrivateRoteTableAssociation', RouteTableId=Ref(private_route_table), SubnetId=Ref(private_subnet)))
def _create_vpc(self): if self.vpc: self.tpl.add_output(Output(self.OUTPUT_VPC, Value=self.vpc)) self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=','.join(self.subnets))) return vpc = VPC(self.RESOURCE_EKS_VPC.name, CidrBlock=self.vpc_cidr, Tags=Tags(Name=self.tag_name)) self.tpl.add_resource(vpc) gateway = self.tpl.add_resource(InternetGateway(self.RESOURCE_VPC_INTERNET_GATEWAY.name)) self.tpl.add_resource(VPCGatewayAttachment( self.RESOURCE_VPC_GATEWAY_ATTACHMENT.name, VpcId=Ref(vpc), InternetGatewayId=Ref(gateway), DependsOn=gateway, )) rt = self.tpl.add_resource(RouteTable( self.RESOURCE_VPC_ROUTE_TABLE.name, VpcId=Ref(vpc), DependsOn=gateway, Tags=Tags(Name='public subnet', Network='public'), )) self.tpl.add_resource(Route( self.RESOURCE_VPC_ROUTE.name, RouteTableId=Ref(rt), DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(gateway), )) self.resources.extend(deepcopy([self.RESOURCE_EKS_VPC, self.RESOURCE_VPC_INTERNET_GATEWAY, self.RESOURCE_VPC_GATEWAY_ATTACHMENT, self.RESOURCE_VPC_ROUTE_TABLE, self.RESOURCE_VPC_ROUTE])) subnets = [] vpc_network = IPNetwork(self.vpc_cidr) prefixlen = IPNetwork(self.vpc_cidr).prefixlen + (len(self.zones) - 1).bit_length() cidrs = list(vpc_network.subnet(prefixlen)) for i, zone in enumerate(self.zones): sname = self.RESOURCE_FORMAT_SUBNET.format(i + 1) staname = self.RESOURCE_FORMAT_SUBNET_RTA.format(i + 1) subnet = self.tpl.add_resource(Subnet( sname, AvailabilityZone=zone, VpcId=Ref(vpc), CidrBlock=str(cidrs[i].cidr), Tags=Tags(Name='{}-{}'.format(self.name, str(i + 1))) )) self.resources.append(Resource(sname, 'EKS VPC {}'.format(sname), Status.not_exist)) self.tpl.add_resource(SubnetRouteTableAssociation( staname, SubnetId=Ref(subnet), RouteTableId=Ref(rt) )) self.resources.append(Resource(staname, 'EKS VPC {}'.format(staname), Status.not_exist)) subnets.append(subnet) self.subnet_refs = [Ref(s) for s in subnets] self.tpl.add_output(Output(self.OUTPUT_VPC, Value=Ref(vpc))) self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=Join(',', self.subnet_refs)))
def addSubnet(template, Env, Owner, CidrBlock, Name, AvailabilityZone, MapPublicIpOnLaunch, Network): return template.add_resource( Subnet(Name.replace("-", "").replace(" ", "") + CidrBlock.replace("/", "").replace(".", ""), CidrBlock=CidrBlock, AvailabilityZone=AvailabilityZone, MapPublicIpOnLaunch=MapPublicIpOnLaunch, VpcId=Ref("VPC"), Tags=Tags( **{ 'Name': Name + " - " + Network + " Subnet - " + AvailabilityZone, 'Network': Network, 'Env': Env, 'Owner': Owner, })))
def subnet_adder(self, subnet_list, name_ref, route_table_name): for index, cidr in enumerate(subnet_list): self.template.add_resource( Subnet( name_ref + str(index), CidrBlock=str(cidr), VpcId=Ref(self.vpc), # not a fan of the below line, but will do for now. This basically exists to ensure that subnets are # distributed between availability zones. However, since we are always creating 3 pub/priv subnets # this will fail if there are less than 3 AZs in a given region. Ideally the subnet count & # distribution would happen dynamically based on how many zones are available. AvailabilityZone=Select(index, self.azs))) self.template.add_resource( SubnetRouteTableAssociation( route_table_name + str(index), SubnetId=Ref(name_ref + str(index)), RouteTableId=Ref(route_table_name)))
def create_subnet(stack, name, subnet_cidr, avail_zone='us-east-1a', public_ip=False): """Add VPC Subnet Resource.""" return stack.stack.add_resource( Subnet( '{0}Subnet'.format(name), CidrBlock=Ref(subnet_cidr), MapPublicIpOnLaunch=public_ip, AvailabilityZone=avail_zone, VpcId=Ref(stack.vpc), Tags=[ { 'Key': 'Name', 'Value': '{0}{1}'.format(stack.env, name) }, ], ))
def add_subnets(availability_zones, cidrType, map_public_ip, prefix, postfix): subnets = {} cidrs = cidr_to_subnets(cidrType) for availability_zone in availability_zones: subnets[availability_zone] = {} subnets[availability_zone][cidrType] = {} items = {} for subnet_name in get_subnet_names(cidrType): items[subnet_name] = t.add_resource( Subnet( prefix + availability_zone.replace("-", "") + subnet_name.upper(), VpcId=Ref("vpcId"), AvailabilityZone=availability_zone, CidrBlock=cidrs[availability_zone][cidrType][subnet_name], MapPublicIpOnLaunch=map_public_ip, Tags=Tags( Name=Join("", [Ref("stackName"), "-" + availability_zone + "-" + postfix + "-" + subnet_name.upper()]) ) )) subnets[availability_zone][cidrType] = items return subnets
def __create_private_subnet(template: Template, vpc): private_route_table = template.add_resource( resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc))) for suffix in ['A', 'B']: private_subnet_cidr = template.add_parameter( parameter=Parameter(title='PrivateSubnetCidr' + suffix, Type='String', Default=__get_subnet_cidr())) private_subnet = template.add_resource( resource=Subnet(title='SamplePrivateSubnet' + suffix, AvailabilityZone=Sub('${AWS::Region}' + suffix.lower()), CidrBlock=Ref(private_subnet_cidr), VpcId=Ref(vpc))) add_export(template, private_subnet.title + 'Id', Ref(private_subnet)) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePrivateRoteTableAssociation' + suffix, RouteTableId=Ref(private_route_table), SubnetId=Ref(private_subnet)))
def __create_public_subnet(template: Template, vpc) -> Subnet: igw = template.add_resource(resource=InternetGateway(title='SampleIgw')) template.add_resource(resource=VPCGatewayAttachment( title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw))) public_route_table = template.add_resource( resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc))) for suffix in ['A', 'B']: public_subnet_cidr = template.add_parameter( parameter=Parameter(title='PublicSubnetCidr' + suffix, Type='String', Default=__get_subnet_cidr())) public_subnet = template.add_resource( resource=Subnet(title='SamplePublicSubnet' + suffix, AvailabilityZone=Sub('${AWS::Region}' + suffix.lower()), CidrBlock=Ref(public_subnet_cidr), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) add_export(template, public_subnet.title + 'Id', Ref(public_subnet)) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePublicRoteTableAssociation' + suffix, RouteTableId=Ref(public_route_table), SubnetId=Ref(public_subnet))) template.add_resource(resource=Route(title='SamplePublicRoute', DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(igw), RouteTableId=Ref(public_route_table))) return public_subnet
############################# VPC AND SUBNET ########################################### VPC = template.add_resource( VPC('VPC', CidrBlock=vpc.CidrBlock, EnableDnsSupport=True, EnableDnsHostnames=True, Tags=Tags(Name=environmentString + "VPC", Stack=Ref("AWS::StackName")))) vpc.instance = VPC for f in vpc.subnets: subnet = template.add_resource( Subnet(f.name, CidrBlock=f.CidrBlock, VpcId=Ref(VPC), MapPublicIpOnLaunch=f.MapPublicIpOnLaunch, AvailabilityZone=Select(f.AvailabilityZone, GetAZs()), Tags=Tags(Name=environmentString + f.name, Stack=Ref("AWS::StackName")))) f.instance = subnet ############################# ADD GATEWAY AND ROLE ########################### internetGateway = template.add_resource( InternetGateway('InternetGateway', Tags=Tags(Name=environmentString + "Internet-Gateway", Stack=Ref("AWS::StackName")))) gatewayAttachment = template.add_resource( VPCGatewayAttachment('AttachGateway', VpcId=Ref(VPC), InternetGatewayId=Ref(internetGateway)))
Name = config['name'] + '-route-table' ) t.add_resource(route_table) # route to igw route_igw = Route(config['name'] + 'Igw') route_igw.DestinationCidrBlock = '0.0.0.0/0' route_igw.GatewayId = Ref(internet_gateway) route_igw.RouteTableId = Ref(route_table) t.add_resource(route_igw) # subnets app_subnets = [] route_table_associations = [] for subnet in config['vpc']['app_subnets']: sub = Subnet('PublicSubnet' + subnet[0]) sub.VpcId = Ref(vpc) sub.CidrBlock = subnet[1] sub.AvailabilityZone = subnet[2] sub.Tags = Tags(Application = Ref('AWS::StackName')) t.add_resource(sub) app_subnets.append(sub) # route table associations need to be handled per subnet rta = SubnetRouteTableAssociation(config['name'] + 'Rta' + subnet[0]) rta.RouteTableId = Ref(route_table) rta.SubnetId = Ref(sub) t.add_resource(rta) route_table_associations.append(rta) # security group addresses