def __create_public_subnet(template: Template, vpc) -> Subnet:
public_subnet_cidr = template.add_parameter(parameter=Parameter(
title='PublicSubnetCidr', Type='String', Default='192.168.1.0/24'))
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
public_subnet = template.add_resource(
resource=Subnet(title='SamplePublicSubnet',
CidrBlock=Ref(public_subnet_cidr),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
public_route_table = template.add_resource(
resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePublicRoteTableAssociation',
RouteTableId=Ref(public_route_table),
SubnetId=Ref(public_subnet)))
template.add_resource(resource=Route(title='SamplePublicRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(public_route_table)))
return public_subnet
def _add_subnet_to_az(self, az, cidr, suffix):
subnet = self.add_resource(Subnet(
"%sSubnet%s" % (self.name, suffix),
VpcId=self.vpc_id,
AvailabilityZone=az,
CidrBlock=cidr,
Tags=Tags(
Name=Join("", [Ref("AWS::StackName"), "-public"]),
)
))
route_tbl = self.add_resource(RouteTable(
"%sRouteTable%s" % (self.name, suffix),
VpcId=self.vpc_id,
Tags=Tags(Name=Join("", [Ref("AWS::StackName"), "-public"]))
))
route = self.add_resource(Route(
"%sRoute%s" % (self.name, suffix),
GatewayId=self.igw,
DestinationCidrBlock="0.0.0.0/0",
RouteTableId=Ref(route_tbl),
))
subnet_route_tbl_assoc = self.add_resource(SubnetRouteTableAssociation(
"%sSubnetRouteAssoc%s" % (self.name, suffix),
SubnetId=Ref(subnet),
RouteTableId=Ref(route_tbl),
))
return subnet
def __create_dmz_subnet(template: Template, vpc, public_subnet):
dmz_subnet_cidr = template.add_parameter(parameter=Parameter(
title='DmzSubnetCidr', Type='String', Default='192.168.3.0/24'))
dmz_subnet = template.add_resource(
resource=Subnet(title='SampleDmzSubnet',
CidrBlock=Ref(dmz_subnet_cidr),
VpcId=Ref(vpc)))
dmz_route_table = template.add_resource(
resource=RouteTable(title='SampleDmzRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleDmzRoteTableAssociation',
RouteTableId=Ref(dmz_route_table),
SubnetId=Ref(dmz_subnet)))
eip = template.add_resource(resource=EIP(title='SampleEip', ))
ngw = template.add_resource(
resource=NatGateway(title='SampleNatGateway',
AllocationId=GetAtt(eip, "AllocationId"),
SubnetId=Ref(public_subnet)))
template.add_resource(resource=Route(title='SampleDmzRoute',
DestinationCidrBlock='0.0.0.0/0',
NatGatewayId=Ref(ngw),
RouteTableId=Ref(dmz_route_table)))
def create_private_subnet(self, zone, ip_network):
"""Create private subnet and associated resources"""
if not 'Public' in self.network['Subnets'][zone]:
raise Exception(("Public subnet in {} does not exist to "
"create private subnet!").format(zone))
elif not 'NatGateway' in self.network['Subnets'][zone]['Public']:
raise Exception(
("No NAT Gateway in public subnet {} to associate "
"default route with in private subnet!").format(zone))
zone_title = self.data['Title'] + TITLE_CLEANUP_RE.subn('', zone)[0]
tag = Tag(Key='Name',
Value='{} {} Private'.format(self.data['Name'], zone))
subnet = Subnet(title=zone_title + 'Private',
template=self.data['Template'],
AvailabilityZone=zone,
CidrBlock=ip_network,
MapPublicIpOnLaunch=False,
Tags=[tag] + self.data['Tags'],
VpcId=Ref(self.network['VPC']))
tag = Tag(Key='Name',
Value='{} {} Private Route Table'.format(
self.data['Name'], zone))
routetable = RouteTable(title=zone_title + 'PrivateRouteTable',
template=self.data['Template'],
VpcId=Ref(self.network['VPC']),
Tags=[tag] + self.data['Tags'])
nat_gateway_id = Ref(
self.network['Subnets'][zone]['Public']['NatGateway'])
route = Route(title=zone_title + 'PrivateDefaultRoute',
template=self.data['Template'],
DestinationCidrBlock='0.0.0.0/0',
NatGatewayId=nat_gateway_id,
RouteTableId=Ref(routetable))
subnetroutetableassociation = SubnetRouteTableAssociation(
title=zone_title + 'PrivateSubnetRouteTableAssociation',
template=self.data['Template'],
RouteTableId=Ref(routetable),
SubnetId=Ref(subnet))
self.network['Subnets'][zone]['Private'] = {}
self.network['Subnets'][zone]['Private']['Subnet'] = subnet
self.network['Subnets'][zone]['Private']['RouteTable'] = routetable
self.network['Subnets'][zone]['Private']['DefaultRoute'] = route
self.network['Subnets'][zone]['Private'][
'SubnetRouteTableAssociation'] = subnetroutetableassociation
# Export Private Subnet ID
self.add_output(
title=self.data['Title'] + zone_title + 'PrivateSubnet',
description="Private Subnet ID of {} in {}".format(
self.data['Name'], zone),
value=Ref(subnet),
export=Sub('${{AWS::StackName}}{}PrivateSubnet'.format(zone)))
# Export Private Route Table ID
self.add_output(
title=self.data['Title'] + zone_title + 'PrivateRouteTable',
description="Private Route Table ID of {} in {}".format(
self.data['Name'], zone),
value=Ref(routetable),
export=Sub('${{AWS::StackName}}{}PrivateRouteTable'.format(zone)))
def add_route_table( template, key, vpc, name='' ):
return template.add_resource(
RouteTable(
key,
VpcId = Ref( vpc ),
Tags = Tags( Name=name )
)
)
def attach_route_table(template, vpc, subnet, gateway):
routetable = RouteTable("sgdemoroutetable", VpcId = Ref(vpc))
template.add_resource(routetable)
route = Route("sgdemoroute1", RouteTableId = Ref(routetable), DestinationCidrBlock = "0.0.0.0/0", GatewayId = Ref(gateway))
template.add_resource(route)
routetableassoc = SubnetRouteTableAssociation("sgdemosubnetroute1", RouteTableId = Ref(routetable), SubnetId = Ref(subnet))
template.add_resource(routetableassoc)
return routetable
def add_public_routetable(self):
'''
Add a public route-table
'''
self.cfn_template.add_resource(
RouteTable(
title=constants.PUB_RT,
VpcId=Ref(constants.VPC),
))
return self.cfn_template
def add_private_routetable(self):
'''
Add a private route-table
'''
self.cfn_template.add_resource(
RouteTable(
title=constants.PRIV_RT,
VpcId=Ref(constants.VPC),
))
return self.cfn_template
def _create_public_network(self, subnet_configs):
public_route_table = RouteTable(
camelcase("{self.env}Public".format(**locals())),
VpcId=Ref(self.vpc),
Tags=[
{
'Key': 'Name',
'Value': "{self.env}-public".format(**locals())
},
{'Key': 'environment', 'Value': self.env}
],
DependsOn=self.vpc.title)
self.template.add_resource(public_route_table)
subnet_count = 0
existing_subnet_ids, existing_subnet_azs, az_balance = self._get_existing_subnet_info("PublicSubnet")
for subnet_title, subnet_config in subnet_configs.items():
subnet_count += 1
if f"PublicSubnet{subnet_count}" in existing_subnet_ids:
availability_zone = existing_subnet_azs[existing_subnet_ids[f"PublicSubnet{subnet_count}"]]
else:
availability_zone = min(az_balance, key=az_balance.get)
subnet_title = camelcase("{self.env}Public".format(**locals())) + \
pascalcase(re.sub('[^a-zA-Z0-9*]', '', subnet_title))
subnet_name = "{self.env}-public-{subnet_count}".format(**locals())
subnet = Subnet(
subnet_title,
AvailabilityZone=availability_zone,
CidrBlock=subnet_config['cidr'],
VpcId=Ref(self.vpc),
MapPublicIpOnLaunch=True,
Tags=[
{'Key': 'Name', 'Value': subnet_name},
{'Key': 'environment', 'Value': self.env}
]
)
self.public_subnets.append(subnet)
self.template.add_resource(subnet)
subnet_route_table_association = SubnetRouteTableAssociation(
camelcase("{self.env}PublicSubnet{subnet_count}Assoc".format(**locals())),
RouteTableId=Ref(public_route_table),
SubnetId=Ref(subnet)
)
self.template.add_resource(subnet_route_table_association)
internet_gateway_route = Route(
camelcase("{self.env}IgRoute".format(**locals())),
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(self.internet_gateway),
RouteTableId=Ref(public_route_table)
)
self.template.add_resource(internet_gateway_route)
return None
def create_vpc_template():
template = Template()
vpc_cidr = template.add_parameter(parameter=Parameter(
title='VpcCidr', Type='String', Default='192.168.0.0/16'))
subnet_cidr_a = template.add_parameter(parameter=Parameter(
title='SubnetCidr1', Type='String', Default='192.168.1.0/24'))
subnet_cidr_b = template.add_parameter(parameter=Parameter(
title='SubnetCidr2', Type='String', Default='192.168.2.0/24'))
vpc = template.add_resource(resource=VPC(
title='SampleVpc', CidrBlock=Ref(vpc_cidr), EnableDnsHostnames=True))
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
subnet_a = template.add_resource(
resource=Subnet(title='SampleSubnetA',
AvailabilityZone='us-east-1a',
CidrBlock=Ref(subnet_cidr_a),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
subnet_b = template.add_resource(
resource=Subnet(title='SampleSubnetB',
AvailabilityZone='us-east-1b',
CidrBlock=Ref(subnet_cidr_b),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
route_table = template.add_resource(
resource=RouteTable(title='SampleRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleRoteTableAssociationA',
RouteTableId=Ref(route_table),
SubnetId=Ref(subnet_a)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleRoteTableAssociationB',
RouteTableId=Ref(route_table),
SubnetId=Ref(subnet_b)))
template.add_resource(resource=Route(title='SampleRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(route_table)))
with open('./vpc.yml', mode='w') as file:
file.write(template.to_yaml())
def routing_table(self, name, vpc_name):
"""
Create routing table
:param name: Name to assign the routing table
:param vpc_name: VPC name
"""
self.template.add_resource(RouteTable(
name,
VpcId=Ref(vpc_name),
))
def add_route_tables(self):
t = self.template
for subnet_dict in self.sceptre_user_data['subnets']:
table_name = self.sceptre_user_data[
'application'] + '-' + subnet_dict['tier'] + '-route-table'
route_table = t.add_resource(
RouteTable(table_name.replace('-', ''),
VpcId=Ref(self.vpc),
Tags=self.DEFAULT_TAGS + [Tag('Name', table_name)]))
self.route_table_ids[subnet_dict['tier']] = Ref(route_table)
return 0
def create_route_table(stack, env, name):
"""Add VPC Route table Resource."""
return stack.stack.add_resource(
RouteTable(
'{0}{1}RouteTable'.format(env, name),
VpcId=Ref(stack.vpc),
Tags=[
{
'Key': 'Name',
'Value': '{0}{1}'.format(env, name)
},
],
))
def addRouteTable(template, az, priv_pubStr, Env, Owner):
### Create Route Table
myRouteTable = template.add_resource(
RouteTable(
priv_pubStr + "RouteTable" + az.replace("-", ""),
VpcId=Ref("VPC"),
Tags=Tags(
**{
'Name': Join("",
[Ref("AWS::StackName"), "-" + priv_pubStr]),
'Env': Env,
'Owner': Owner,
})))
return myRouteTable
def add_storage_subnets(template, vpc, az_index, layers):
"""
Function to add storage subnets inside the VPC
:param layers: VPC layers
:type layers: dict
:param template: VPC Template()
:type template: troposphere.Template
:param vpc: Vpc() for Ref()
:type vpc: troposphere.ec2.Vpc
:param az_index: List of AZ Index (a,b,c..)
:type az_index: list
:returns: tuple() list of rtb, list of subnets
"""
rtb = RouteTable(
"StorageRtb",
template=template,
VpcId=Ref(vpc),
Tags=Tags(Name="StorageRtb") + Tags({f"vpc{DELIM}usage": "storage"}),
Metadata=metadata,
)
subnets = []
for index, subnet_cidr in zip(az_index, layers["stor"]):
subnet = Subnet(
f"StorageSubnet{index.upper()}",
template=template,
CidrBlock=subnet_cidr,
VpcId=Ref(vpc),
AvailabilityZone=Sub(f"${{AWS::Region}}{index}"),
Tags=Tags(
Name=If(
USE_STACK_NAME_CON_T,
Sub(f"${{AWS::StackName}}-Storage-{index}"),
Sub(f"${{{ROOT_STACK_NAME_T}}}-Storage-{index}"),
),
)
+ Tags({f"vpc{DELIM}usage": "storage", f"vpc{DELIM}vpc-id": Ref(vpc)}),
Metadata=metadata,
)
SubnetRouteTableAssociation(
f"StorageSubnetAssoc{index.upper()}",
template=template,
SubnetId=Ref(subnet),
RouteTableId=Ref(rtb),
Metadata=metadata,
)
subnets.append(subnet)
return [rtb], subnets
def __create_private_subnet(template: Template, vpc):
private_subnet_cidr = template.add_parameter(parameter=Parameter(
title='PrivateSubnetCidr', Type='String', Default='192.168.2.0/24'))
private_subnet = template.add_resource(
resource=Subnet(title='SamplePrivateSubnet',
CidrBlock=Ref(private_subnet_cidr),
VpcId=Ref(vpc)))
private_route_table = template.add_resource(
resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePrivateRoteTableAssociation',
RouteTableId=Ref(private_route_table),
SubnetId=Ref(private_subnet)))
def _create_vpc(self):
if self.vpc:
self.tpl.add_output(Output(self.OUTPUT_VPC, Value=self.vpc))
self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=','.join(self.subnets)))
return
vpc = VPC(self.RESOURCE_EKS_VPC.name, CidrBlock=self.vpc_cidr, Tags=Tags(Name=self.tag_name))
self.tpl.add_resource(vpc)
gateway = self.tpl.add_resource(InternetGateway(self.RESOURCE_VPC_INTERNET_GATEWAY.name))
self.tpl.add_resource(VPCGatewayAttachment(
self.RESOURCE_VPC_GATEWAY_ATTACHMENT.name, VpcId=Ref(vpc), InternetGatewayId=Ref(gateway),
DependsOn=gateway,
))
rt = self.tpl.add_resource(RouteTable(
self.RESOURCE_VPC_ROUTE_TABLE.name, VpcId=Ref(vpc), DependsOn=gateway,
Tags=Tags(Name='public subnet', Network='public'),
))
self.tpl.add_resource(Route(
self.RESOURCE_VPC_ROUTE.name, RouteTableId=Ref(rt), DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(gateway),
))
self.resources.extend(deepcopy([self.RESOURCE_EKS_VPC, self.RESOURCE_VPC_INTERNET_GATEWAY,
self.RESOURCE_VPC_GATEWAY_ATTACHMENT, self.RESOURCE_VPC_ROUTE_TABLE,
self.RESOURCE_VPC_ROUTE]))
subnets = []
vpc_network = IPNetwork(self.vpc_cidr)
prefixlen = IPNetwork(self.vpc_cidr).prefixlen + (len(self.zones) - 1).bit_length()
cidrs = list(vpc_network.subnet(prefixlen))
for i, zone in enumerate(self.zones):
sname = self.RESOURCE_FORMAT_SUBNET.format(i + 1)
staname = self.RESOURCE_FORMAT_SUBNET_RTA.format(i + 1)
subnet = self.tpl.add_resource(Subnet(
sname, AvailabilityZone=zone, VpcId=Ref(vpc), CidrBlock=str(cidrs[i].cidr),
Tags=Tags(Name='{}-{}'.format(self.name, str(i + 1)))
))
self.resources.append(Resource(sname, 'EKS VPC {}'.format(sname), Status.not_exist))
self.tpl.add_resource(SubnetRouteTableAssociation(
staname, SubnetId=Ref(subnet), RouteTableId=Ref(rt)
))
self.resources.append(Resource(staname, 'EKS VPC {}'.format(staname), Status.not_exist))
subnets.append(subnet)
self.subnet_refs = [Ref(s) for s in subnets]
self.tpl.add_output(Output(self.OUTPUT_VPC, Value=Ref(vpc)))
self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=Join(',', self.subnet_refs)))
def __build_route_table(
self, subnet_config: SubnetConfig, subnet_ref: Subnet, vpc: VPC, internet_gateway, nat_gateway: NatGateway
):
internet_gateway = If(self.__create_ig, internet_gateway, self.__gateway_id)
route_table = self.__template.add_resource(
RouteTable(
"RouteTable" + subnet_config.name,
VpcId=Ref(vpc),
Tags=Tags(Name=TAGS_PREFIX + "RouteTable" + subnet_config.name, Stack=Ref("AWS::StackId")),
)
)
self.__template.add_resource(
SubnetRouteTableAssociation(
"RouteAssociation" + subnet_config.name, SubnetId=Ref(subnet_ref), RouteTableId=Ref(route_table)
)
)
if subnet_config.default_gateway == Gateways.INTERNET_GATEWAY:
self.__template.add_resource(
Route(
"DefaultRouteDependsOn" + subnet_config.name,
RouteTableId=Ref(route_table),
DestinationCidrBlock="0.0.0.0/0",
GatewayId=internet_gateway,
DependsOn="VPCGatewayAttachment",
Condition=self.__create_ig,
)
)
self.__template.add_resource(
Route(
"DefaultRouteNoDependsOn" + subnet_config.name,
RouteTableId=Ref(route_table),
DestinationCidrBlock="0.0.0.0/0",
GatewayId=internet_gateway,
Condition=self.__existing_ig, # cant use Not()
)
)
elif subnet_config.default_gateway == Gateways.NAT_GATEWAY:
self.__template.add_resource(
Route(
"NatRoute" + subnet_config.name,
RouteTableId=Ref(route_table),
DestinationCidrBlock="0.0.0.0/0",
NatGatewayId=Ref(nat_gateway),
)
)
def __init__(self, title, template, *args, **kwargs):
super().__init__(title, template, *args, **kwargs)
RouteTable(title + 'routetable',
template,
VpcId=self.properties['VpcId'],
Tags=kwargs['Tags'])
Route(title + 'route',
template,
DestinationCidrBlock='0.0.0.0/0',
NatGatewayId=Ref(
'public' +
self.properties['AvailabilityZone'].replace('-', '') +
'natgateway'),
RouteTableId=Ref(self.name + 'routetable'))
SubnetRouteTableAssociation(title + 'subnetroutetableassociation',
template,
RouteTableId=Ref(self.name + 'routetable'),
SubnetId=Ref(self))
def add_routing_tables(availability_zones, cidrType, prefix, postfix):
routing_tables = {}
for availability_zone in availability_zones:
routing_tables[availability_zone] = {}
routing_tables[availability_zone][cidrType] = {}
items = {}
for subnet_name in get_subnet_names(cidrType):
items[subnet_name] = t.add_resource(
RouteTable(
prefix + availability_zone.replace("-", "") + subnet_name.upper(),
VpcId=Ref("vpcId"),
Tags=Tags(
Name=Join("", [Ref("stackName"), "-" + availability_zone + "-" + postfix + "-" + subnet_name]),
)
))
routing_tables[availability_zone][cidrType] = items
return routing_tables
def __add_route_table(self, route_table_name):
self.template.add_resource(
RouteTable(route_table_name, VpcId=Ref(self.vpc)))
route = self.template.add_resource(
Route(
route_table_name + str(random.randint(1, 999)),
RouteTableId=Ref(route_table_name),
DestinationCidrBlock='0.0.0.0/0',
))
# assumption of a naming convention and a pretty simple use case here.
if "Priv" in route_table_name:
gateway = self.nat_gateway
route.NatGatewayId = Ref(gateway)
route.DependsOn = 'Nat'
else:
gateway = self.igw
route.GatewayId = Ref(gateway)
route.DependsOn = 'AttachGateway'
def __build_route_table(
self,
subnet_config: SubnetConfig,
subnet_ref: Subnet,
vpc: VPC,
internet_gateway: InternetGateway,
internet_gateway_attachment: VPCGatewayAttachment,
nat_gateway: NatGateway,
):
route_table = self.__template.add_resource(
RouteTable(
"RouteTable" + subnet_config.name,
VpcId=Ref(vpc),
Tags=Tags(Name=Sub("${AWS::StackName}_route_table_" +
subnet_config.name),
Stack=Ref("AWS::StackId")),
))
self.__template.add_resource(
SubnetRouteTableAssociation("RouteAssociation" +
subnet_config.name,
SubnetId=Ref(subnet_ref),
RouteTableId=Ref(route_table)))
if subnet_config.default_gateway == Gateways.INTERNET_GATEWAY:
self.__template.add_resource(
Route(
"DefaultRoute" + subnet_config.name,
RouteTableId=Ref(route_table),
DestinationCidrBlock="0.0.0.0/0",
GatewayId=Ref(internet_gateway),
DependsOn=internet_gateway_attachment,
))
elif subnet_config.default_gateway == Gateways.NAT_GATEWAY:
self.__template.add_resource(
Route(
"NatRoute" + subnet_config.name,
RouteTableId=Ref(route_table),
DestinationCidrBlock="0.0.0.0/0",
NatGatewayId=Ref(nat_gateway),
))
def __create_private_subnet(template: Template, vpc):
private_route_table = template.add_resource(
resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc)))
for suffix in ['A', 'B']:
private_subnet_cidr = template.add_parameter(
parameter=Parameter(title='PrivateSubnetCidr' + suffix,
Type='String',
Default=__get_subnet_cidr()))
private_subnet = template.add_resource(
resource=Subnet(title='SamplePrivateSubnet' + suffix,
AvailabilityZone=Sub('${AWS::Region}' +
suffix.lower()),
CidrBlock=Ref(private_subnet_cidr),
VpcId=Ref(vpc)))
add_export(template, private_subnet.title + 'Id', Ref(private_subnet))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePrivateRoteTableAssociation' + suffix,
RouteTableId=Ref(private_route_table),
SubnetId=Ref(private_subnet)))
def _add_route_tables(self):
self.routeTable = RouteTable(
'RouteTable',
VpcId=Ref(self.parameters['VpcId']),
Tags=Tags(Name=Join(
'-', [Ref(self.parameters['StackPrefix']), "public"])),
)
self.template.add_resource(self.routeTable)
self.public_route = Route(
'Route',
GatewayId=Ref(self.parameters['IgwId']),
DestinationCidrBlock='0.0.0.0/0',
RouteTableId=Ref(self.routeTable),
)
self.template.add_resource(self.public_route)
self.subnetRouteTableAssociation1 = SubnetRouteTableAssociation(
'PubSubnetRouteTableAssociation1',
SubnetId=Ref(self.public_subnets['PubSubnet1']),
RouteTableId=Ref(self.routeTable),
)
self.template.add_resource(self.subnetRouteTableAssociation1)
def __create_public_subnet(template: Template, vpc) -> Subnet:
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
public_route_table = template.add_resource(
resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc)))
for suffix in ['A', 'B']:
public_subnet_cidr = template.add_parameter(
parameter=Parameter(title='PublicSubnetCidr' + suffix,
Type='String',
Default=__get_subnet_cidr()))
public_subnet = template.add_resource(
resource=Subnet(title='SamplePublicSubnet' + suffix,
AvailabilityZone=Sub('${AWS::Region}' +
suffix.lower()),
CidrBlock=Ref(public_subnet_cidr),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
add_export(template, public_subnet.title + 'Id', Ref(public_subnet))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePublicRoteTableAssociation' + suffix,
RouteTableId=Ref(public_route_table),
SubnetId=Ref(public_subnet)))
template.add_resource(resource=Route(title='SamplePublicRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(public_route_table)))
return public_subnet
def __init__(self, title, template, *args, **kwargs):
super().__init__(title, template, *args, **kwargs)
EIP(title + 'eip',
template,
Domain='vpc',
DependsOn='vpcgatewayattachment')
NatGateway(title + 'natgateway',
template,
AllocationId=GetAtt(title + 'eip', 'AllocationId'),
SubnetId=Ref(self),
DependsOn=title + 'eip')
RouteTable(title + 'routetable',
template,
VpcId=self.properties['VpcId'],
Tags=kwargs['Tags'])
Route(title + 'route',
template,
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref('internetgateway'),
RouteTableId=Ref(title + 'routetable'))
SubnetRouteTableAssociation(title + 'subnetroutetableassociation',
template,
RouteTableId=Ref(title + 'routetable'),
SubnetId=Ref(self))
GroupDescription=Sub("${EnvironmentName} Internal Security Group"),
Tags=Tags(
Name=Sub("${EnvironmentName} RDS Internal Security Group"), ),
))
IgwAttachment = template.add_resource(
VPCGatewayAttachment(
"IgwAttachment",
VpcId=Ref("VPC"),
InternetGatewayId=Ref(Igw),
))
PrivateRoute1Table = template.add_resource(
RouteTable(
"PrivateRoute1Table",
VpcId=Ref("VPC"),
Tags=Tags(Name=Sub("${EnvironmentName} Private1 Route (AZ1)"), ),
))
PrivateRoute1Default = template.add_resource(
Route(
"PrivateRoute1Default",
DestinationCidrBlock="0.0.0.0/0",
RouteTableId=Ref(PrivateRoute1Table),
NatGatewayId=Ref("NatGateway1"),
DependsOn="NatGateway1",
))
Private1RouteTableAssociation = template.add_resource(
SubnetRouteTableAssociation(
"Private1RouteTableAssociation",
"Vpc",
CidrBlock=vpc_cidr,
))
internet_gateway = template.add_resource(InternetGateway("InternetGateway", ))
template.add_resource(
VPCGatewayAttachment(
"GatewayAttachment",
VpcId=Ref(vpc),
InternetGatewayId=Ref(internet_gateway),
))
public_route_table = template.add_resource(
RouteTable(
"PublicRouteTable",
VpcId=Ref(vpc),
))
public_route = template.add_resource(
Route(
"PublicRoute",
GatewayId=Ref(internet_gateway),
DestinationCidrBlock="0.0.0.0/0",
RouteTableId=Ref(public_route_table),
))
public_subnet = template.add_resource(
Subnet(
"PublicSubnet",
VpcId=Ref(vpc),
CidrBlock=public_subnet_cidr,
resources[ "InternetGateway" ] = template.add_resource(InternetGateway(
"InternetGateway",
Tags = [ { "Key": "Name", "Value": Join("-", [ Ref(parameters[ "Project" ]), "igw" ]) },
{ "Key": "Project", "Value": Ref(parameters[ "Project" ]) }]))
resources[ "VPCGatewayAttachmentIGW" ] = template.add_resource(VPCGatewayAttachment(
"VPCGatewayAttachmentIGW",
DependsOn = [ resource for resource in [ "InternetGateway",
"VPC" ] ],
InternetGatewayId = Ref(resources[ "InternetGateway" ]),
VpcId = Ref(resources[ "VPC" ] )))
### Routing Tables ###
resources[ "PrivateRouteTableA" ] = template.add_resource(RouteTable(
"PrivateRouteTableA",
DependsOn = [ resource for resource in [ "VPC" ] ],
Tags = [ { "Key": "Name", "Value": Join("-", [ Ref(parameters[ "Project" ]), "prv", "a", "rt" ]) },
{ "Key": "Project", "Value": Ref(parameters[ "Project" ]) }],
VpcId = Ref(resources[ "VPC" ])))
resources[ "PrivateRouteTableB" ] = template.add_resource(RouteTable(
"PrivateRouteTableB",
DependsOn = [ resource for resource in [ "VPC" ] ],
Tags = [ { "Key": "Name", "Value": Join("-", [ Ref(parameters[ "Project" ]), "prv", "b", "rt" ]) },
{ "Key": "Project", "Value": Ref(parameters[ "Project" ]) }],
VpcId = Ref(resources[ "VPC" ])))
resources[ "PublicRouteTable" ] = template.add_resource(RouteTable(
"PublicRouteTable",
DependsOn = [ resource for resource in [ "VPC" ] ],
Tags = [ { "Key": "Name", "Value": Join("-", [ Ref(parameters[ "Project" ]), "pub", "rt" ]) },
{ "Key": "Project", "Value": Ref(parameters[ "Project" ]) } ],
f.instance = subnet
############################# ADD GATEWAY AND ROLE ###########################
internetGateway = template.add_resource(
InternetGateway('InternetGateway',
Tags=Tags(Name=environmentString + "Internet-Gateway",
Stack=Ref("AWS::StackName"))))
gatewayAttachment = template.add_resource(
VPCGatewayAttachment('AttachGateway',
VpcId=Ref(VPC),
InternetGatewayId=Ref(internetGateway)))
routeTable = template.add_resource(
RouteTable('PublicRouteTable',
VpcId=Ref(VPC),
Tags=Tags(Name=environmentString + "Public-Routes",
Stack=Ref("AWS::StackName"))))
route = template.add_resource(
Route(
'Route',
DependsOn='AttachGateway',
GatewayId=Ref('InternetGateway'),
DestinationCidrBlock='0.0.0.0/0',
RouteTableId=Ref(routeTable),
))
######################### ADD ROUTE TO SUBNET ###########################
for f in vpc.subnets:
template.add_resource(
SubnetRouteTableAssociation(
vpc.EnableDnsSupport = True
vpc.EnableDnsHostnames = True
vpc.Tags = Tags(Name=config['vpc']['name'])
t.add_resource(vpc)
# internet gateway
internet_gateway = InternetGateway('InternetGateway')
t.add_resource(internet_gateway)
gateway_attachment = VPCGatewayAttachment('GatewayAttachment')
gateway_attachment.VpcId = Ref(vpc)
gateway_attachment.InternetGatewayId = Ref('InternetGateway')
t.add_resource(gateway_attachment)
# route table
route_table = RouteTable(config['name'] + 'RouteTable')
route_table.VpcId = Ref(config['name'] + 'Vpc')
route_table.Tags=Tags(
Application = Ref('AWS::StackName'),
Name = config['name'] + '-route-table'
)
t.add_resource(route_table)
# route to igw
route_igw = Route(config['name'] + 'Igw')
route_igw.DestinationCidrBlock = '0.0.0.0/0'
route_igw.GatewayId = Ref(internet_gateway)
route_igw.RouteTableId = Ref(route_table)
t.add_resource(route_igw)
# subnets
