def get_availability_zones():
if availability_zones:
return availability_zones
current_zones = aws.get_availability_zones().names
if number_of_availability_zones:
return current_zones[:number_of_availability_zones]
return current_zones
def __init__(self,
name: str,
cidr: str,
subnets: int = 2,
prefix: int = 19,
tags: dict = None,
opts: pulumi.ResourceOptions = None):
super().__init__('ComponentResource:VpcWithPublicSubnets', name, None,
opts)
self.vpc_name = name
self.cidr = cidr
self.subnets = subnets
self.prefix = prefix
self.tags = {} if tags is None else tags
self.availability_zones = aws.get_availability_zones().names
self.provision_resources()
# signal to Pulumi that we are done creating resources
self.register_outputs({})
tags={
"Name": "pulumi-vpc-ig",
})
eks_route_table = aws.ec2.RouteTable("eksRouteTable",
vpc_id=eks_vpc.id,
routes=[
aws.ec2.RouteTableRouteArgs(
cidr_block="0.0.0.0/0",
gateway_id=eks_igw.id,
)
],
tags={
"Name": "pulumi-vpc-rt",
})
# Subnets, one for each AZ in a region
zones = aws.get_availability_zones()
vpc_subnet = []
for range in [{"key": k, "value": v} for [k, v] in enumerate(zones.names)]:
vpc_subnet.append(
aws.ec2.Subnet(f"vpcSubnet-{range['key']}",
assign_ipv6_address_on_creation=False,
vpc_id=eks_vpc.id,
map_public_ip_on_launch=True,
cidr_block=f"10.100.{range['key']}.0/24",
availability_zone=range["value"],
tags={
"Name": f"pulumi-sn-{range['value']}",
}))
rta = []
for range in [{"key": k, "value": v} for [k, v] in enumerate(zones.names)]:
rta.append(
from jen20_pulumi_aws_vpc import Vpc, VpcArgs
from pulumi import export
from pulumi_aws import get_availability_zones
zones = get_availability_zones(state="available")
vpc = Vpc(
"example-vpc",
VpcArgs(
description="Example VPC",
base_tags={
"Project": "Python Example VPC",
},
base_cidr="192.168.0.0/16",
availability_zone_names=zones.names,
zone_name="example.local",
create_s3_endpoint=True,
create_dynamodb_endpoint=True,
))
vpc.enableFlowLoggingToCloudWatchLogs("ALL")
export("vpcId", vpc.vpc.id)
export("publicSubnetIds", [subnet.id for subnet in vpc.public_subnets])
export("privateSubnetIds", [subnet.id for subnet in vpc.private_subnets])
def _get_az(self, index):
zones = pulumi_aws.get_availability_zones()
return zones.zone_ids[index]
import pulumi
import pulumi_aws as aws
config = pulumi.Config()
zones = pulumi.Output.from_input(aws.get_availability_zones())
zone_names = zones.apply(lambda zs: zs.names)
print(f"vpc_cidr: {config.require('vpc_cidr')}")
vpc_cidr = config.require('vpc_cidr')
print(f"flavour_master: {config.require('flavour_master')}")
flavour_master = config.require('flavour_master')
print(f"flavour_server: {config.require('flavour_server')}")
flavour_server = config.require('flavour_server')
print(f"flavour_jumpbox: {config.require('flavour_jumpbox')}")
flavour_jumpbox = config.require('flavour_jumpbox')
print(f"flavour_avi: {config.require('flavour_avi')}")
flavour_avi = config.require('flavour_avi')
print(f"ami_ubuntu: {config.require('ami_ubuntu')}")
ami_ubuntu = config.require('ami_ubuntu')
print(f"vol_size_ubuntu: {config.require('vol_size_ubuntu')}")
vol_size_ubuntu = config.require('vol_size_ubuntu')
print(f"vol_size_avi: {config.require('vol_size_avi')}")
vol_size_avi = config.require('vol_size_avi')
#!/usr/bin/env python
import yaml
import json
import shutil
import pulumi
import pulumi_aws as aws
# Read yaml vars
with open("../data.yaml", 'r') as stream:
data = yaml.safe_load(stream)
_vars = data["pulumi"]
_iam = data["iam"]
# VPC
main = aws.ec2.Vpc("main", cidr_block=_vars["vpc"])
azs = aws.get_availability_zones(state="available")
igw = aws.ec2.InternetGateway("gw", vpc_id=main.id)
public_route = aws.ec2.RouteTable("publicRouteTable",
vpc_id=main.id,
routes=[
aws.ec2.RouteTableRouteArgs(
cidr_block="0.0.0.0/0",
gateway_id=igw.id,
)
])
public_subnets = []
for i, s in enumerate(_vars["subnets"]["public"]):
subnet = aws.ec2.Subnet("public-{}".format(s),
vpc_id=main.id,
cidr_block=s,
availability_zone=azs.names[i])
import pulumi
import pulumi_aws as aws
example = aws.get_availability_zones(all_availability_zones=True,
filters=[{
"name":
"opt-in-status",
"values": [
"not-opted-in",
"opted-in",
],
}])
def get_aws_az():
zones = aws.get_availability_zones()
return zones.names[:
3] # Returns availability zones 0, 1, 2. So total of 3 az's.
import pulumi_aws
availableZones = pulumi_aws.get_availability_zones(state="available")
shared_vpc = pulumi_aws.ec2.Vpc(
resource_name='pulumi-aws-example',
assign_generated_ipv6_cidr_block=True,
cidr_block="10.0.0.0/16",
enable_dns_hostnames=True,enable_dns_support=True)
subnet_gateway = pulumi_aws.ec2.Subnet(
resource_name='pulumi-aws-example_gateway',
availability_zone=availableZones.names[0],
cidr_block="10.0.10.0/24",
vpc_id=shared_vpc.id)
subnet_application = pulumi_aws.ec2.Subnet(
resource_name='pulumi-aws-example_application',
availability_zone=availableZones.names[0],
cidr_block="10.0.11.0/24",
vpc_id=shared_vpc.id)
subnet_database = pulumi_aws.ec2.Subnet(
resource_name='pulumi-aws-example_database',
availability_zone=availableZones.names[0],
cidr_block="10.0.12.0/24",
vpc_id=shared_vpc.id)
subnet_database2 = pulumi_aws.ec2.Subnet(
resource_name='pulumi-aws-example_database_2',
availability_zone=availableZones.names[1],
# load env variables
load_dotenv()
# Provider for testing
aws_config_testing = aws.Provider('aws_testing',
region='us-west-2',
profile='testing_profile')
##### creating custom aws provider
aws_config = aws.Provider('aws',
region=config.require('aws_region'),
profile=config.require('aws_profile'))
Azs_Availables = aws.get_availability_zones(
state="available", opts=pulumi.ResourceOptions(provider=aws_config))
# Networking creation
cidr_public = ['10.11.1.0/24', '10.11.2.0/24']
cidr_private = ['10.11.100.0/24', '10.11.101.0/24']
vpc_microservice = aws_vpc.vpc('techinsiders', '10.11.0.0/16', cidr_public,
cidr_private, Azs_Availables, aws_config)
net_info = vpc_microservice.create_basic_networking()
# Security group
rule_alb_ingress = [
{
'description': 'allow_https',
'fromPort': 443,
'toPort': 443,
def __init__(self, name: str, args: VpcArgs, opts: ResourceOptions = None):
super().__init__('custom:resource:VPC', name, {}, opts)
vpc_name = name + '-vpc'
self.vpc = ec2.Vpc(vpc_name,
cidr_block=args.cidr_block,
instance_tenancy=args.instance_tenancy,
enable_dns_hostnames=args.enable_dns_hostnames,
enable_dns_support=args.enable_dns_support,
tags={'Name': vpc_name},
opts=ResourceOptions(parent=self))
igw_name = name + '-igw'
self.igw = ec2.InternetGateway(igw_name,
vpc_id=self.vpc.id,
tags={'Name': igw_name},
opts=ResourceOptions(parent=self))
rt_name = name + '-rt'
self.route_table = ec2.RouteTable(rt_name,
vpc_id=self.vpc.id,
routes=[
ec2.RouteTableRouteArgs(
cidr_block='0.0.0.0/0',
gateway_id=self.igw.id,
)
],
tags={'Name': rt_name},
opts=ResourceOptions(parent=self))
# Subnets, at least across two zones.
all_zones = get_availability_zones()
# limiting to 2 zones for speed and to meet minimal requirements.
zone_names = [all_zones.names[0], all_zones.names[1]]
self.subnets = []
subnet_name_base = f'{name}-subnet'
for zone in zone_names:
vpc_subnet = ec2.Subnet(
f'{subnet_name_base}-{zone}',
assign_ipv6_address_on_creation=False,
vpc_id=self.vpc.id,
map_public_ip_on_launch=True,
cidr_block=f'10.100.{len(self.subnets)}.0/24',
availability_zone=zone,
tags={
'Name': f'{subnet_name_base}-{zone}',
},
opts=ResourceOptions(parent=self))
ec2.RouteTableAssociation(f'vpc-route-table-assoc-{zone}',
route_table_id=self.route_table.id,
subnet_id=vpc_subnet.id,
opts=ResourceOptions(parent=self))
self.subnets.append(vpc_subnet)
# Security Groups
rds_sg_name = f'{name}-rds-sg'
self.rds_security_group = ec2.SecurityGroup(
rds_sg_name,
vpc_id=self.vpc.id,
description='Allow client access.',
tags={'Name': rds_sg_name},
ingress=[
ec2.SecurityGroupIngressArgs(cidr_blocks=['0.0.0.0/0'],
from_port=3306,
to_port=3306,
protocol='tcp',
description='Allow rds access.'),
],
egress=[
ec2.SecurityGroupEgressArgs(
protocol='-1',
from_port=0,
to_port=0,
cidr_blocks=['0.0.0.0/0'],
)
],
opts=ResourceOptions(parent=self))
fe_sg_name = f'{name}-fe-sg'
self.fe_security_group = ec2.SecurityGroup(
fe_sg_name,
vpc_id=self.vpc.id,
description='Allow all HTTP(s) traffic.',
tags={'Name': fe_sg_name},
ingress=[
ec2.SecurityGroupIngressArgs(cidr_blocks=['0.0.0.0/0'],
from_port=443,
to_port=443,
protocol='tcp',
description='Allow https.'),
ec2.SecurityGroupIngressArgs(cidr_blocks=['0.0.0.0/0'],
from_port=80,
to_port=80,
protocol='tcp',
description='Allow http access'),
],
egress=[
ec2.SecurityGroupEgressArgs(
protocol='-1',
from_port=0,
to_port=0,
cidr_blocks=['0.0.0.0/0'],
)
],
opts=ResourceOptions(parent=self))
self.register_outputs({})
def get_aws_az(index):
# type: (int) -> str
zones = pulumi_aws.get_availability_zones()
return zones.names[index]
def get_aws_az(amount):
zones = get_availability_zones()
return zones.names[:amount]
vpc = ec2.Vpc('test',
cidr_block="10.11.0.0/16",
enable_dns_hostnames=True,
enable_dns_support=True)
internet_gateway = ec2.InternetGateway('test', vpc_id=vpc.id)
route_table = ec2.RouteTable('test',
vpc_id=vpc.id,
routes=[
ec2.RouteTableRouteArgs(
cidr_block="0.0.0.0/0",
gateway_id=internet_gateway.id)
])
zones = Output.from_input(get_availability_zones())
zone_names = zones.apply(lambda zs: zs.names)
subnet0 = ec2.Subnet(
"test0",
vpc_id=vpc.id,
availability_zone=zone_names.apply(lambda names: names[0]),
cidr_block="10.11.0.0/24",
map_public_ip_on_launch=True)
subnet1 = ec2.Subnet(
"test1",
vpc_id=vpc.id,
availability_zone=zone_names.apply(lambda names: names[1]),
cidr_block="10.11.1.0/24",
map_public_ip_on_launch=True)
## what to listen for
listener = aws.lb.Listener("listener",
load_balancer_arn=lb.arn,
port=80,
default_actions=[{
"type":
"forward",
"target_group_arn":
target_group.arn
}])
ips = []
hostnames = []
for az in aws.get_availability_zones().names:
server = aws.ec2.Instance(f"web-server-${az}",
instance_type="t2.micro",
security_groups=[group.name],
ami=ami.id,
availability_zone=az,
user_data="""#!/bin/bash
echo "Hello, World! -- from {}" > index.html
nohup python -m SimpleHTTPServer 80 &
""".format(az),
tags={"Name": "web-server"})
ips.append(server.public_ip)
hostnames.append(server.public_dns)
attachment = aws.lb.TargetGroupAttachment(
f'web-server-{az}',
igw = ec2.InternetGateway('vpc-ig',
vpc_id=vpc.id,
tags={'Name': 'pulumi-vpc-ig'})
eks_route_table = ec2.RouteTable('vpc-route-table',
vpc_id=vpc.id,
routes=[{
'cidr_block': '0.0.0.0/0',
'gateway_id': igw.id
}],
tags={'Name': 'pulumi-vpc-rt'})
## Subnets, one for each AZ in a region
zones = get_availability_zones()
subnet_ids = []
for zone in zones.names:
vpc_subnet = ec2.Subnet(f'vpc-subnet-{zone}',
assign_ipv6_address_on_creation=False,
vpc_id=vpc.id,
map_public_ip_on_launch=True,
cidr_block=f'10.100.{len(subnet_ids)}.0/24',
availability_zone=zone,
tags={'Name': f'pulumi-sn-{zone}'})
ec2.RouteTableAssociation(
f'vpc-route-table-assoc-{zone}',
route_table_id=eks_route_table.id,
subnet_id=vpc_subnet.id,
)
