def _add_subnets(self):
public_key = "PubSubnet"
private_key = "PrivSubnet"
for i, key in enumerate(
[p for p in self.parameters if p.startswith(public_key)]):
name = public_key + str(i + 1)
self.public_subnets[name] = Subnet(
name,
CidrBlock=Ref(self.parameters[key]),
VpcId=Ref(self.parameters['VpcId']),
AvailabilityZone=Ref(self.parameters['Az' + str(i + 1)]),
MapPublicIpOnLaunch=True,
Tags=Tags(Name=Join('-', [
Ref(self.parameters['StackPrefix']), "pub",
Ref(self.parameters['Az' + str(i + 1)])
])),
)
self.template.add_resource(self.public_subnets[name])
for i, key in enumerate(
[p for p in self.parameters if p.startswith(private_key)]):
name = private_key + str(i + 1)
self.private_subnets[name] = Subnet(
name,
CidrBlock=Ref(self.parameters[key]),
VpcId=Ref(self.parameters['VpcId']),
AvailabilityZone=Ref(self.parameters['Az' + str(i + 1)]),
MapPublicIpOnLaunch=True,
Tags=Tags(Name=Join('-', [
Ref(self.parameters['StackPrefix']), "priv",
Ref(self.parameters['Az' + str(i + 1)])
])),
)
self.template.add_resource(self.private_subnets[name])
def create_vpc_template():
template = Template()
vpc_cidr = template.add_parameter(parameter=Parameter(
title='VpcCidr', Type='String', Default='192.168.0.0/16'))
subnet_cidr_a = template.add_parameter(parameter=Parameter(
title='SubnetCidr1', Type='String', Default='192.168.1.0/24'))
subnet_cidr_b = template.add_parameter(parameter=Parameter(
title='SubnetCidr2', Type='String', Default='192.168.2.0/24'))
vpc = template.add_resource(resource=VPC(
title='SampleVpc', CidrBlock=Ref(vpc_cidr), EnableDnsHostnames=True))
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
subnet_a = template.add_resource(
resource=Subnet(title='SampleSubnetA',
AvailabilityZone='us-east-1a',
CidrBlock=Ref(subnet_cidr_a),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
subnet_b = template.add_resource(
resource=Subnet(title='SampleSubnetB',
AvailabilityZone='us-east-1b',
CidrBlock=Ref(subnet_cidr_b),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
route_table = template.add_resource(
resource=RouteTable(title='SampleRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleRoteTableAssociationA',
RouteTableId=Ref(route_table),
SubnetId=Ref(subnet_a)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleRoteTableAssociationB',
RouteTableId=Ref(route_table),
SubnetId=Ref(subnet_b)))
template.add_resource(resource=Route(title='SampleRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(route_table)))
with open('./vpc.yml', mode='w') as file:
file.write(template.to_yaml())
def __build_subnet(self, subnet_config: SubnetConfig, vpc: VPC):
subnet = Subnet(
subnet_config.name,
CidrBlock=subnet_config.cidr,
VpcId=Ref(vpc),
MapPublicIpOnLaunch=subnet_config.map_public_ip_on_launch,
Tags=subnet_config.tags(),
)
if subnet_config.availability_zone:
subnet.AvailabilityZone = subnet_config.availability_zone
self.__template.add_resource(subnet)
self.__template.add_output(Output(subnet_config.name + "Id", Value=Ref(subnet)))
return subnet
def __build_subnet(self, subnet_config: SubnetConfig, vpc: VPC):
subnet = Subnet(
subnet_config.name,
CidrBlock=subnet_config.cidr,
VpcId=Ref(vpc),
MapPublicIpOnLaunch=subnet_config.map_public_ip_on_launch,
Tags=subnet_config.tags(),
)
if subnet_config.availability_zone:
subnet.AvailabilityZone = subnet_config.availability_zone
self.__template.add_resource(subnet)
self.__template.add_output(
Output(subnet_config.name + "Id", Value=Ref(subnet)))
return subnet
def _add_subnet_to_az(self, az, cidr, suffix):
subnet = self.add_resource(Subnet(
"%sSubnet%s" % (self.name, suffix),
VpcId=self.vpc_id,
AvailabilityZone=az,
CidrBlock=cidr,
Tags=Tags(
Name=Join("", [Ref("AWS::StackName"), "-public"]),
)
))
route_tbl = self.add_resource(RouteTable(
"%sRouteTable%s" % (self.name, suffix),
VpcId=self.vpc_id,
Tags=Tags(Name=Join("", [Ref("AWS::StackName"), "-public"]))
))
route = self.add_resource(Route(
"%sRoute%s" % (self.name, suffix),
GatewayId=self.igw,
DestinationCidrBlock="0.0.0.0/0",
RouteTableId=Ref(route_tbl),
))
subnet_route_tbl_assoc = self.add_resource(SubnetRouteTableAssociation(
"%sSubnetRouteAssoc%s" % (self.name, suffix),
SubnetId=Ref(subnet),
RouteTableId=Ref(route_tbl),
))
return subnet
def __build_subnet(self, subnet_config: SubnetConfig, vpc: VPC, additional_vpc_cidr_blocks: VPCCidrBlock):
if not subnet_config.cidr:
cidr = Ref(
self.__template.add_parameter(
Parameter(
f"{subnet_config.name}CIDR",
Description=f"The CIDR of the {subnet_config.name}",
Type="String",
AllowedPattern=r"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/(1[6-9]|2[0-9]|3[0-2])$",
)
)
)
else:
cidr = subnet_config.cidr
subnet = Subnet(
subnet_config.name,
CidrBlock=cidr,
VpcId=Ref(vpc),
MapPublicIpOnLaunch=subnet_config.map_public_ip_on_launch,
Tags=subnet_config.tags(),
AvailabilityZone=subnet_config.availability_zone or self.__availability_zone,
DependsOn=additional_vpc_cidr_blocks,
)
self.__template.add_resource(subnet)
self.__template.add_output(Output(subnet_config.name + "SubnetId", Value=Ref(subnet)))
return subnet
def __create_dmz_subnet(template: Template, vpc, public_subnet):
dmz_subnet_cidr = template.add_parameter(parameter=Parameter(
title='DmzSubnetCidr', Type='String', Default='192.168.3.0/24'))
dmz_subnet = template.add_resource(
resource=Subnet(title='SampleDmzSubnet',
CidrBlock=Ref(dmz_subnet_cidr),
VpcId=Ref(vpc)))
dmz_route_table = template.add_resource(
resource=RouteTable(title='SampleDmzRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SampleDmzRoteTableAssociation',
RouteTableId=Ref(dmz_route_table),
SubnetId=Ref(dmz_subnet)))
eip = template.add_resource(resource=EIP(title='SampleEip', ))
ngw = template.add_resource(
resource=NatGateway(title='SampleNatGateway',
AllocationId=GetAtt(eip, "AllocationId"),
SubnetId=Ref(public_subnet)))
template.add_resource(resource=Route(title='SampleDmzRoute',
DestinationCidrBlock='0.0.0.0/0',
NatGatewayId=Ref(ngw),
RouteTableId=Ref(dmz_route_table)))
def add_public_subnet_c(self):
self.public_subnet_c = self.template.add_resource(Subnet(
'PublicSubnetC',
CidrBlock=self.sceptre_user_data["public_subnet_c"],
MapPublicIpOnLaunch=True,
VpcId=Ref(self.vpc),
))
def __create_public_subnet(template: Template, vpc) -> Subnet:
public_subnet_cidr = template.add_parameter(parameter=Parameter(
title='PublicSubnetCidr', Type='String', Default='192.168.1.0/24'))
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
public_subnet = template.add_resource(
resource=Subnet(title='SamplePublicSubnet',
CidrBlock=Ref(public_subnet_cidr),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
public_route_table = template.add_resource(
resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePublicRoteTableAssociation',
RouteTableId=Ref(public_route_table),
SubnetId=Ref(public_subnet)))
template.add_resource(resource=Route(title='SamplePublicRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(public_route_table)))
return public_subnet
def add_subnet(self, name, availability_zone, cidr_block,
routing_table_name, vpc_name):
"""
Create a subnet
:param name: Name fo the subnet
:param availability_zone: AZ to deploy into
:param cidr_block: CIDR block
:param routing_table_name: Name of routing table
:param vpc_name: Name of VPC
"""
if isinstance(vpc_name, Ref):
vpc = vpc_name
else:
vpc = Ref(vpc_name)
self.template.add_resource(
Subnet(
name,
AvailabilityZone=availability_zone,
CidrBlock=cidr_block,
VpcId=vpc,
))
self.template.add_resource(
SubnetRouteTableAssociation(
"SubnetRouteTableAssociation{}".format(name),
SubnetId=Ref(name),
RouteTableId=Ref(routing_table_name),
))
def create_private_subnet(self, zone, ip_network):
"""Create private subnet and associated resources"""
if not 'Public' in self.network['Subnets'][zone]:
raise Exception(("Public subnet in {} does not exist to "
"create private subnet!").format(zone))
elif not 'NatGateway' in self.network['Subnets'][zone]['Public']:
raise Exception(
("No NAT Gateway in public subnet {} to associate "
"default route with in private subnet!").format(zone))
zone_title = self.data['Title'] + TITLE_CLEANUP_RE.subn('', zone)[0]
tag = Tag(Key='Name',
Value='{} {} Private'.format(self.data['Name'], zone))
subnet = Subnet(title=zone_title + 'Private',
template=self.data['Template'],
AvailabilityZone=zone,
CidrBlock=ip_network,
MapPublicIpOnLaunch=False,
Tags=[tag] + self.data['Tags'],
VpcId=Ref(self.network['VPC']))
tag = Tag(Key='Name',
Value='{} {} Private Route Table'.format(
self.data['Name'], zone))
routetable = RouteTable(title=zone_title + 'PrivateRouteTable',
template=self.data['Template'],
VpcId=Ref(self.network['VPC']),
Tags=[tag] + self.data['Tags'])
nat_gateway_id = Ref(
self.network['Subnets'][zone]['Public']['NatGateway'])
route = Route(title=zone_title + 'PrivateDefaultRoute',
template=self.data['Template'],
DestinationCidrBlock='0.0.0.0/0',
NatGatewayId=nat_gateway_id,
RouteTableId=Ref(routetable))
subnetroutetableassociation = SubnetRouteTableAssociation(
title=zone_title + 'PrivateSubnetRouteTableAssociation',
template=self.data['Template'],
RouteTableId=Ref(routetable),
SubnetId=Ref(subnet))
self.network['Subnets'][zone]['Private'] = {}
self.network['Subnets'][zone]['Private']['Subnet'] = subnet
self.network['Subnets'][zone]['Private']['RouteTable'] = routetable
self.network['Subnets'][zone]['Private']['DefaultRoute'] = route
self.network['Subnets'][zone]['Private'][
'SubnetRouteTableAssociation'] = subnetroutetableassociation
# Export Private Subnet ID
self.add_output(
title=self.data['Title'] + zone_title + 'PrivateSubnet',
description="Private Subnet ID of {} in {}".format(
self.data['Name'], zone),
value=Ref(subnet),
export=Sub('${{AWS::StackName}}{}PrivateSubnet'.format(zone)))
# Export Private Route Table ID
self.add_output(
title=self.data['Title'] + zone_title + 'PrivateRouteTable',
description="Private Route Table ID of {} in {}".format(
self.data['Name'], zone),
value=Ref(routetable),
export=Sub('${{AWS::StackName}}{}PrivateRouteTable'.format(zone)))
def create_subnet(self, subnet_name, cidr_block, vpc_name,
availability_zone):
t = self.template
t.add_resource(
Subnet(subnet_name,
CidrBlock=cidr_block,
VpcId=Ref(vpc_name),
AvailabilityZone=availability_zone))
def add_private_net(self):
self.private_net = self.template.add_resource(
Subnet(
'PrivateSubnet',
CidrBlock=self.sceptre_user_data["private_subnet"],
MapPublicIpOnLaunch=False,
VpcId=Ref(self.vpc),
))
def add_public_net(self):
self.public_net = self.template.add_resource(
Subnet(
'PublicSubnet',
CidrBlock=self.sceptre_user_data["public_subnet"],
MapPublicIpOnLaunch=True,
VpcId=Ref("VPC"),
))
def build_subnet(self, t, name, az, cidr):
subnet = t.add_resource(
Subnet(name.replace('-', ''),
VpcId=Ref(self.vpc),
AvailabilityZone=az,
CidrBlock=cidr,
Tags=self.DEFAULT_TAGS + [Tag('Name', name)]))
return subnet
def add_subnet( template, key, cidr_block, vpc, name='' ):
return template.add_resource(
Subnet(
key,
VpcId = Ref( vpc ),
CidrBlock = cidr_block,
Tags = Tags( Name=name )
)
)
def add_private_subnet2(self):
'''
Add a private subnet 2
'''
self.cfn_template.add_resource(
Subnet(title=constants.PRIV_SUBNET2,
VpcId=Ref(constants.VPC),
CidrBlock=Ref('PrivateSubnet2CIDRBlock'),
AvailabilityZone=Select('1', GetAZs())))
return self.cfn_template
def create_template():
template = Template()
vpc = template.add_parameter(
parameter=Parameter(title='Vpc', Type='String'))
key_name = template.add_parameter(
parameter=Parameter(title='KeyName', Type='String'))
subnet_a = template.add_resource(
resource=Subnet(title='SampleSubnetA',
AvailabilityZone='us-east-1a',
CidrBlock='192.168.10.0/24',
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
template.add_resource(resource=Subnet(title='SampleSubnetB',
AvailabilityZone='us-east-1b',
CidrBlock='192.168.11.0/24',
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
security_group = template.add_resource(
resource=SecurityGroup(title='SampleSecurityGroup',
GroupDescription='sample',
VpcId=Ref(vpc),
SecurityGroupIngress=[{
'IpProtocol': 'tcp',
'FromPort': 80,
'ToPort': 80,
'CidrIp': '0.0.0.0/0',
}]))
template.add_resource(resource=Instance(
title='SampleEc2Instance',
SubnetId=Ref(subnet_a),
SecurityGroupIds=[Ref(security_group)],
InstanceType='t2.micro',
ImageId='ami-0e2ff28bfb72a4e45',
KeyName=Ref(key_name),
))
with open('./driver.yml', mode='w') as file:
file.write(template.to_yaml())
def _create_public_network(self, subnet_configs):
public_route_table = RouteTable(
camelcase("{self.env}Public".format(**locals())),
VpcId=Ref(self.vpc),
Tags=[
{
'Key': 'Name',
'Value': "{self.env}-public".format(**locals())
},
{'Key': 'environment', 'Value': self.env}
],
DependsOn=self.vpc.title)
self.template.add_resource(public_route_table)
subnet_count = 0
existing_subnet_ids, existing_subnet_azs, az_balance = self._get_existing_subnet_info("PublicSubnet")
for subnet_title, subnet_config in subnet_configs.items():
subnet_count += 1
if f"PublicSubnet{subnet_count}" in existing_subnet_ids:
availability_zone = existing_subnet_azs[existing_subnet_ids[f"PublicSubnet{subnet_count}"]]
else:
availability_zone = min(az_balance, key=az_balance.get)
subnet_title = camelcase("{self.env}Public".format(**locals())) + \
pascalcase(re.sub('[^a-zA-Z0-9*]', '', subnet_title))
subnet_name = "{self.env}-public-{subnet_count}".format(**locals())
subnet = Subnet(
subnet_title,
AvailabilityZone=availability_zone,
CidrBlock=subnet_config['cidr'],
VpcId=Ref(self.vpc),
MapPublicIpOnLaunch=True,
Tags=[
{'Key': 'Name', 'Value': subnet_name},
{'Key': 'environment', 'Value': self.env}
]
)
self.public_subnets.append(subnet)
self.template.add_resource(subnet)
subnet_route_table_association = SubnetRouteTableAssociation(
camelcase("{self.env}PublicSubnet{subnet_count}Assoc".format(**locals())),
RouteTableId=Ref(public_route_table),
SubnetId=Ref(subnet)
)
self.template.add_resource(subnet_route_table_association)
internet_gateway_route = Route(
camelcase("{self.env}IgRoute".format(**locals())),
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(self.internet_gateway),
RouteTableId=Ref(public_route_table)
)
self.template.add_resource(internet_gateway_route)
return None
def add_public_subnet2(self):
'''
Add a public subnet 2
'''
self.cfn_template.add_resource(
Subnet(title=constants.PUB_SUBNET2,
VpcId=Ref(constants.VPC),
CidrBlock=Ref('PublicSubnet2CIDRBlock'),
MapPublicIpOnLaunch="true",
AvailabilityZone=Select('1', GetAZs())))
return self.cfn_template
def create_subnet(_subnet_title,
_vpcid=None,
_availability_zone=None,
_map_public_ip_on_launch=False,
_subnet_cidr=None):
_sbnet = Subnet(title=_subnet_title,
CidrBlock=_subnet_cidr,
VpcId=_vpcid,
AvailabilityZone=_availability_zone,
MapPublicIpOnLaunch=_map_public_ip_on_launch)
return _sbnet
def add_storage_subnets(template, vpc, az_index, layers):
"""
Function to add storage subnets inside the VPC
:param layers: VPC layers
:type layers: dict
:param template: VPC Template()
:type template: troposphere.Template
:param vpc: Vpc() for Ref()
:type vpc: troposphere.ec2.Vpc
:param az_index: List of AZ Index (a,b,c..)
:type az_index: list
:returns: tuple() list of rtb, list of subnets
"""
rtb = RouteTable(
"StorageRtb",
template=template,
VpcId=Ref(vpc),
Tags=Tags(Name="StorageRtb") + Tags({f"vpc{DELIM}usage": "storage"}),
Metadata=metadata,
)
subnets = []
for index, subnet_cidr in zip(az_index, layers["stor"]):
subnet = Subnet(
f"StorageSubnet{index.upper()}",
template=template,
CidrBlock=subnet_cidr,
VpcId=Ref(vpc),
AvailabilityZone=Sub(f"${{AWS::Region}}{index}"),
Tags=Tags(
Name=If(
USE_STACK_NAME_CON_T,
Sub(f"${{AWS::StackName}}-Storage-{index}"),
Sub(f"${{{ROOT_STACK_NAME_T}}}-Storage-{index}"),
),
)
+ Tags({f"vpc{DELIM}usage": "storage", f"vpc{DELIM}vpc-id": Ref(vpc)}),
Metadata=metadata,
)
SubnetRouteTableAssociation(
f"StorageSubnetAssoc{index.upper()}",
template=template,
SubnetId=Ref(subnet),
RouteTableId=Ref(rtb),
Metadata=metadata,
)
subnets.append(subnet)
return [rtb], subnets
def __create_private_subnet(template: Template, vpc):
private_subnet_cidr = template.add_parameter(parameter=Parameter(
title='PrivateSubnetCidr', Type='String', Default='192.168.2.0/24'))
private_subnet = template.add_resource(
resource=Subnet(title='SamplePrivateSubnet',
CidrBlock=Ref(private_subnet_cidr),
VpcId=Ref(vpc)))
private_route_table = template.add_resource(
resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc)))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePrivateRoteTableAssociation',
RouteTableId=Ref(private_route_table),
SubnetId=Ref(private_subnet)))
def _create_vpc(self):
if self.vpc:
self.tpl.add_output(Output(self.OUTPUT_VPC, Value=self.vpc))
self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=','.join(self.subnets)))
return
vpc = VPC(self.RESOURCE_EKS_VPC.name, CidrBlock=self.vpc_cidr, Tags=Tags(Name=self.tag_name))
self.tpl.add_resource(vpc)
gateway = self.tpl.add_resource(InternetGateway(self.RESOURCE_VPC_INTERNET_GATEWAY.name))
self.tpl.add_resource(VPCGatewayAttachment(
self.RESOURCE_VPC_GATEWAY_ATTACHMENT.name, VpcId=Ref(vpc), InternetGatewayId=Ref(gateway),
DependsOn=gateway,
))
rt = self.tpl.add_resource(RouteTable(
self.RESOURCE_VPC_ROUTE_TABLE.name, VpcId=Ref(vpc), DependsOn=gateway,
Tags=Tags(Name='public subnet', Network='public'),
))
self.tpl.add_resource(Route(
self.RESOURCE_VPC_ROUTE.name, RouteTableId=Ref(rt), DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(gateway),
))
self.resources.extend(deepcopy([self.RESOURCE_EKS_VPC, self.RESOURCE_VPC_INTERNET_GATEWAY,
self.RESOURCE_VPC_GATEWAY_ATTACHMENT, self.RESOURCE_VPC_ROUTE_TABLE,
self.RESOURCE_VPC_ROUTE]))
subnets = []
vpc_network = IPNetwork(self.vpc_cidr)
prefixlen = IPNetwork(self.vpc_cidr).prefixlen + (len(self.zones) - 1).bit_length()
cidrs = list(vpc_network.subnet(prefixlen))
for i, zone in enumerate(self.zones):
sname = self.RESOURCE_FORMAT_SUBNET.format(i + 1)
staname = self.RESOURCE_FORMAT_SUBNET_RTA.format(i + 1)
subnet = self.tpl.add_resource(Subnet(
sname, AvailabilityZone=zone, VpcId=Ref(vpc), CidrBlock=str(cidrs[i].cidr),
Tags=Tags(Name='{}-{}'.format(self.name, str(i + 1)))
))
self.resources.append(Resource(sname, 'EKS VPC {}'.format(sname), Status.not_exist))
self.tpl.add_resource(SubnetRouteTableAssociation(
staname, SubnetId=Ref(subnet), RouteTableId=Ref(rt)
))
self.resources.append(Resource(staname, 'EKS VPC {}'.format(staname), Status.not_exist))
subnets.append(subnet)
self.subnet_refs = [Ref(s) for s in subnets]
self.tpl.add_output(Output(self.OUTPUT_VPC, Value=Ref(vpc)))
self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=Join(',', self.subnet_refs)))
def addSubnet(template, Env, Owner, CidrBlock, Name, AvailabilityZone,
MapPublicIpOnLaunch, Network):
return template.add_resource(
Subnet(Name.replace("-", "").replace(" ", "") +
CidrBlock.replace("/", "").replace(".", ""),
CidrBlock=CidrBlock,
AvailabilityZone=AvailabilityZone,
MapPublicIpOnLaunch=MapPublicIpOnLaunch,
VpcId=Ref("VPC"),
Tags=Tags(
**{
'Name': Name + " - " + Network + " Subnet - " +
AvailabilityZone,
'Network': Network,
'Env': Env,
'Owner': Owner,
})))
def subnet_adder(self, subnet_list, name_ref, route_table_name):
for index, cidr in enumerate(subnet_list):
self.template.add_resource(
Subnet(
name_ref + str(index),
CidrBlock=str(cidr),
VpcId=Ref(self.vpc),
# not a fan of the below line, but will do for now. This basically exists to ensure that subnets are
# distributed between availability zones. However, since we are always creating 3 pub/priv subnets
# this will fail if there are less than 3 AZs in a given region. Ideally the subnet count &
# distribution would happen dynamically based on how many zones are available.
AvailabilityZone=Select(index, self.azs)))
self.template.add_resource(
SubnetRouteTableAssociation(
route_table_name + str(index),
SubnetId=Ref(name_ref + str(index)),
RouteTableId=Ref(route_table_name)))
def create_subnet(stack,
name,
subnet_cidr,
avail_zone='us-east-1a',
public_ip=False):
"""Add VPC Subnet Resource."""
return stack.stack.add_resource(
Subnet(
'{0}Subnet'.format(name),
CidrBlock=Ref(subnet_cidr),
MapPublicIpOnLaunch=public_ip,
AvailabilityZone=avail_zone,
VpcId=Ref(stack.vpc),
Tags=[
{
'Key': 'Name',
'Value': '{0}{1}'.format(stack.env, name)
},
],
))
def add_subnets(availability_zones, cidrType, map_public_ip, prefix, postfix):
subnets = {}
cidrs = cidr_to_subnets(cidrType)
for availability_zone in availability_zones:
subnets[availability_zone] = {}
subnets[availability_zone][cidrType] = {}
items = {}
for subnet_name in get_subnet_names(cidrType):
items[subnet_name] = t.add_resource(
Subnet(
prefix + availability_zone.replace("-", "") + subnet_name.upper(),
VpcId=Ref("vpcId"),
AvailabilityZone=availability_zone,
CidrBlock=cidrs[availability_zone][cidrType][subnet_name],
MapPublicIpOnLaunch=map_public_ip,
Tags=Tags(
Name=Join("", [Ref("stackName"), "-" + availability_zone + "-" + postfix + "-" + subnet_name.upper()])
)
))
subnets[availability_zone][cidrType] = items
return subnets
def __create_private_subnet(template: Template, vpc):
private_route_table = template.add_resource(
resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc)))
for suffix in ['A', 'B']:
private_subnet_cidr = template.add_parameter(
parameter=Parameter(title='PrivateSubnetCidr' + suffix,
Type='String',
Default=__get_subnet_cidr()))
private_subnet = template.add_resource(
resource=Subnet(title='SamplePrivateSubnet' + suffix,
AvailabilityZone=Sub('${AWS::Region}' +
suffix.lower()),
CidrBlock=Ref(private_subnet_cidr),
VpcId=Ref(vpc)))
add_export(template, private_subnet.title + 'Id', Ref(private_subnet))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePrivateRoteTableAssociation' + suffix,
RouteTableId=Ref(private_route_table),
SubnetId=Ref(private_subnet)))
def __create_public_subnet(template: Template, vpc) -> Subnet:
igw = template.add_resource(resource=InternetGateway(title='SampleIgw'))
template.add_resource(resource=VPCGatewayAttachment(
title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw)))
public_route_table = template.add_resource(
resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc)))
for suffix in ['A', 'B']:
public_subnet_cidr = template.add_parameter(
parameter=Parameter(title='PublicSubnetCidr' + suffix,
Type='String',
Default=__get_subnet_cidr()))
public_subnet = template.add_resource(
resource=Subnet(title='SamplePublicSubnet' + suffix,
AvailabilityZone=Sub('${AWS::Region}' +
suffix.lower()),
CidrBlock=Ref(public_subnet_cidr),
MapPublicIpOnLaunch=True,
VpcId=Ref(vpc)))
add_export(template, public_subnet.title + 'Id', Ref(public_subnet))
template.add_resource(resource=SubnetRouteTableAssociation(
title='SamplePublicRoteTableAssociation' + suffix,
RouteTableId=Ref(public_route_table),
SubnetId=Ref(public_subnet)))
template.add_resource(resource=Route(title='SamplePublicRoute',
DestinationCidrBlock='0.0.0.0/0',
GatewayId=Ref(igw),
RouteTableId=Ref(public_route_table)))
return public_subnet
############################# VPC AND SUBNET ###########################################
VPC = template.add_resource(
VPC('VPC',
CidrBlock=vpc.CidrBlock,
EnableDnsSupport=True,
EnableDnsHostnames=True,
Tags=Tags(Name=environmentString + "VPC",
Stack=Ref("AWS::StackName"))))
vpc.instance = VPC
for f in vpc.subnets:
subnet = template.add_resource(
Subnet(f.name,
CidrBlock=f.CidrBlock,
VpcId=Ref(VPC),
MapPublicIpOnLaunch=f.MapPublicIpOnLaunch,
AvailabilityZone=Select(f.AvailabilityZone, GetAZs()),
Tags=Tags(Name=environmentString + f.name,
Stack=Ref("AWS::StackName"))))
f.instance = subnet
############################# ADD GATEWAY AND ROLE ###########################
internetGateway = template.add_resource(
InternetGateway('InternetGateway',
Tags=Tags(Name=environmentString + "Internet-Gateway",
Stack=Ref("AWS::StackName"))))
gatewayAttachment = template.add_resource(
VPCGatewayAttachment('AttachGateway',
VpcId=Ref(VPC),
InternetGatewayId=Ref(internetGateway)))
Name = config['name'] + '-route-table'
)
t.add_resource(route_table)
# route to igw
route_igw = Route(config['name'] + 'Igw')
route_igw.DestinationCidrBlock = '0.0.0.0/0'
route_igw.GatewayId = Ref(internet_gateway)
route_igw.RouteTableId = Ref(route_table)
t.add_resource(route_igw)
# subnets
app_subnets = []
route_table_associations = []
for subnet in config['vpc']['app_subnets']:
sub = Subnet('PublicSubnet' + subnet[0])
sub.VpcId = Ref(vpc)
sub.CidrBlock = subnet[1]
sub.AvailabilityZone = subnet[2]
sub.Tags = Tags(Application = Ref('AWS::StackName'))
t.add_resource(sub)
app_subnets.append(sub)
# route table associations need to be handled per subnet
rta = SubnetRouteTableAssociation(config['name'] + 'Rta' + subnet[0])
rta.RouteTableId = Ref(route_table)
rta.SubnetId = Ref(sub)
t.add_resource(rta)
route_table_associations.append(rta)
# security group addresses
