def create_vpc_template(): template = Template() vpc_cidr = template.add_parameter(parameter=Parameter( title='VpcCidr', Type='String', Default='192.168.0.0/16')) subnet_cidr_a = template.add_parameter(parameter=Parameter( title='SubnetCidr1', Type='String', Default='192.168.1.0/24')) subnet_cidr_b = template.add_parameter(parameter=Parameter( title='SubnetCidr2', Type='String', Default='192.168.2.0/24')) vpc = template.add_resource(resource=VPC( title='SampleVpc', CidrBlock=Ref(vpc_cidr), EnableDnsHostnames=True)) igw = template.add_resource(resource=InternetGateway(title='SampleIgw')) template.add_resource(resource=VPCGatewayAttachment( title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw))) subnet_a = template.add_resource( resource=Subnet(title='SampleSubnetA', AvailabilityZone='us-east-1a', CidrBlock=Ref(subnet_cidr_a), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) subnet_b = template.add_resource( resource=Subnet(title='SampleSubnetB', AvailabilityZone='us-east-1b', CidrBlock=Ref(subnet_cidr_b), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) route_table = template.add_resource( resource=RouteTable(title='SampleRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SampleRoteTableAssociationA', RouteTableId=Ref(route_table), SubnetId=Ref(subnet_a))) template.add_resource(resource=SubnetRouteTableAssociation( title='SampleRoteTableAssociationB', RouteTableId=Ref(route_table), SubnetId=Ref(subnet_b))) template.add_resource(resource=Route(title='SampleRoute', DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(igw), RouteTableId=Ref(route_table))) with open('./vpc.yml', mode='w') as file: file.write(template.to_yaml())
def add_private_route_association(self): self.private_route_association = self.template.add_resource( SubnetRouteTableAssociation( 'PrivateRouteAssociation', SubnetId=Ref(self.private_net), RouteTableId=Ref(self.private_route_table), ))
def buildTemplate(self): self.buildParams() for c in self.conditions: self.t.add_condition(c, self.conditions[c]) mysubnet=self.t.add_resource(ec2Subnet( "Subnet", CidrBlock=Ref(self.paramCIDRBLock), MapPublicIpOnLaunch=Ref(self.paramMapPublicIP), VpcId=Ref(self.paramVPCID), )) self.t.add_resource(SubnetRouteTableAssociation( "SubnetAssociation", RouteTableId=Ref(self.paramRouteTable), SubnetId=Ref(mysubnet), )) self.t.add_output([ Output( "SubnetId", Description="SubnetId of the created Subnet", Value=Ref(mysubnet) ) ])
def __create_dmz_subnet(template: Template, vpc, public_subnet): dmz_subnet_cidr = template.add_parameter(parameter=Parameter( title='DmzSubnetCidr', Type='String', Default='192.168.3.0/24')) dmz_subnet = template.add_resource( resource=Subnet(title='SampleDmzSubnet', CidrBlock=Ref(dmz_subnet_cidr), VpcId=Ref(vpc))) dmz_route_table = template.add_resource( resource=RouteTable(title='SampleDmzRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SampleDmzRoteTableAssociation', RouteTableId=Ref(dmz_route_table), SubnetId=Ref(dmz_subnet))) eip = template.add_resource(resource=EIP(title='SampleEip', )) ngw = template.add_resource( resource=NatGateway(title='SampleNatGateway', AllocationId=GetAtt(eip, "AllocationId"), SubnetId=Ref(public_subnet))) template.add_resource(resource=Route(title='SampleDmzRoute', DestinationCidrBlock='0.0.0.0/0', NatGatewayId=Ref(ngw), RouteTableId=Ref(dmz_route_table)))
def __create_public_subnet(template: Template, vpc) -> Subnet: public_subnet_cidr = template.add_parameter(parameter=Parameter( title='PublicSubnetCidr', Type='String', Default='192.168.1.0/24')) igw = template.add_resource(resource=InternetGateway(title='SampleIgw')) template.add_resource(resource=VPCGatewayAttachment( title='SampleAttachment', VpcId=Ref(vpc), InternetGatewayId=Ref(igw))) public_subnet = template.add_resource( resource=Subnet(title='SamplePublicSubnet', CidrBlock=Ref(public_subnet_cidr), MapPublicIpOnLaunch=True, VpcId=Ref(vpc))) public_route_table = template.add_resource( resource=RouteTable(title='SamplePublicRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePublicRoteTableAssociation', RouteTableId=Ref(public_route_table), SubnetId=Ref(public_subnet))) template.add_resource(resource=Route(title='SamplePublicRoute', DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(igw), RouteTableId=Ref(public_route_table))) return public_subnet
def addSubnetRouteTableAssociation(template, subnet, routeTable): return template.add_resource( SubnetRouteTableAssociation( subnet.title + routeTable.title, SubnetId=Ref(subnet), RouteTableId=Ref(routeTable), ))
def add_subnet(self, name, availability_zone, cidr_block, routing_table_name, vpc_name): """ Create a subnet :param name: Name fo the subnet :param availability_zone: AZ to deploy into :param cidr_block: CIDR block :param routing_table_name: Name of routing table :param vpc_name: Name of VPC """ if isinstance(vpc_name, Ref): vpc = vpc_name else: vpc = Ref(vpc_name) self.template.add_resource( Subnet( name, AvailabilityZone=availability_zone, CidrBlock=cidr_block, VpcId=vpc, )) self.template.add_resource( SubnetRouteTableAssociation( "SubnetRouteTableAssociation{}".format(name), SubnetId=Ref(name), RouteTableId=Ref(routing_table_name), ))
def add_SubnetRouteTableAssociation(self): # print self.sceptre_user_data self.SubnetRouteTableAssociation = self.template.add_resource( SubnetRouteTableAssociation("PubSubnetAssoc", SubnetId=Ref(self.Subnet), RouteTableId=Ref( self.PublicRouteTable)))
def _add_subnet_to_az(self, az, cidr, suffix): subnet = self.add_resource(Subnet( "%sSubnet%s" % (self.name, suffix), VpcId=self.vpc_id, AvailabilityZone=az, CidrBlock=cidr, Tags=Tags( Name=Join("", [Ref("AWS::StackName"), "-public"]), ) )) route_tbl = self.add_resource(RouteTable( "%sRouteTable%s" % (self.name, suffix), VpcId=self.vpc_id, Tags=Tags(Name=Join("", [Ref("AWS::StackName"), "-public"])) )) route = self.add_resource(Route( "%sRoute%s" % (self.name, suffix), GatewayId=self.igw, DestinationCidrBlock="0.0.0.0/0", RouteTableId=Ref(route_tbl), )) subnet_route_tbl_assoc = self.add_resource(SubnetRouteTableAssociation( "%sSubnetRouteAssoc%s" % (self.name, suffix), SubnetId=Ref(subnet), RouteTableId=Ref(route_tbl), )) return subnet
def route_table_subnet_association(self, t, tier, subnet_id, route_table_id): association = t.add_resource( SubnetRouteTableAssociation(tier + 'RouteTableAssociation', SubnetId=subnet_id, RouteTableId=route_table_id)) return 0
def create_subnet_route_association(self, subnet_name, route_table_name): association_name = subnet_name + "RouteAssociation" t = self.template t.add_resource( SubnetRouteTableAssociation(association_name, SubnetId=Ref(subnet_name), RouteTableId=Ref(route_table_name)))
def create_private_subnet(self, zone, ip_network): """Create private subnet and associated resources""" if not 'Public' in self.network['Subnets'][zone]: raise Exception(("Public subnet in {} does not exist to " "create private subnet!").format(zone)) elif not 'NatGateway' in self.network['Subnets'][zone]['Public']: raise Exception( ("No NAT Gateway in public subnet {} to associate " "default route with in private subnet!").format(zone)) zone_title = self.data['Title'] + TITLE_CLEANUP_RE.subn('', zone)[0] tag = Tag(Key='Name', Value='{} {} Private'.format(self.data['Name'], zone)) subnet = Subnet(title=zone_title + 'Private', template=self.data['Template'], AvailabilityZone=zone, CidrBlock=ip_network, MapPublicIpOnLaunch=False, Tags=[tag] + self.data['Tags'], VpcId=Ref(self.network['VPC'])) tag = Tag(Key='Name', Value='{} {} Private Route Table'.format( self.data['Name'], zone)) routetable = RouteTable(title=zone_title + 'PrivateRouteTable', template=self.data['Template'], VpcId=Ref(self.network['VPC']), Tags=[tag] + self.data['Tags']) nat_gateway_id = Ref( self.network['Subnets'][zone]['Public']['NatGateway']) route = Route(title=zone_title + 'PrivateDefaultRoute', template=self.data['Template'], DestinationCidrBlock='0.0.0.0/0', NatGatewayId=nat_gateway_id, RouteTableId=Ref(routetable)) subnetroutetableassociation = SubnetRouteTableAssociation( title=zone_title + 'PrivateSubnetRouteTableAssociation', template=self.data['Template'], RouteTableId=Ref(routetable), SubnetId=Ref(subnet)) self.network['Subnets'][zone]['Private'] = {} self.network['Subnets'][zone]['Private']['Subnet'] = subnet self.network['Subnets'][zone]['Private']['RouteTable'] = routetable self.network['Subnets'][zone]['Private']['DefaultRoute'] = route self.network['Subnets'][zone]['Private'][ 'SubnetRouteTableAssociation'] = subnetroutetableassociation # Export Private Subnet ID self.add_output( title=self.data['Title'] + zone_title + 'PrivateSubnet', description="Private Subnet ID of {} in {}".format( self.data['Name'], zone), value=Ref(subnet), export=Sub('${{AWS::StackName}}{}PrivateSubnet'.format(zone))) # Export Private Route Table ID self.add_output( title=self.data['Title'] + zone_title + 'PrivateRouteTable', description="Private Route Table ID of {} in {}".format( self.data['Name'], zone), value=Ref(routetable), export=Sub('${{AWS::StackName}}{}PrivateRouteTable'.format(zone)))
def add_route_table_association( template, key, route_table, subnet ): return template.add_resource( SubnetRouteTableAssociation( key, RouteTableId = Ref( route_table ), SubnetId = Ref( subnet ) ) )
def attach_route_table(template, vpc, subnet, gateway): routetable = RouteTable("sgdemoroutetable", VpcId = Ref(vpc)) template.add_resource(routetable) route = Route("sgdemoroute1", RouteTableId = Ref(routetable), DestinationCidrBlock = "0.0.0.0/0", GatewayId = Ref(gateway)) template.add_resource(route) routetableassoc = SubnetRouteTableAssociation("sgdemosubnetroute1", RouteTableId = Ref(routetable), SubnetId = Ref(subnet)) template.add_resource(routetableassoc) return routetable
def create_subnet_route_table_association(sn_rt_title, routetableid=None, subnetid=None): _subnet_routetable_association = SubnetRouteTableAssociation( title=sn_rt_title, RouteTableId=routetableid, SubnetId=subnetid) return _subnet_routetable_association
def associate_routes(stack, subnet_list=()): """Add Route Association Resources.""" for association in subnet_list: stack.stack.add_resource( SubnetRouteTableAssociation( '{0}RouteAssociation'.format(association['name']), SubnetId=Ref(association['subnet']), RouteTableId=Ref(association['route_table'])))
def _create_public_network(self, subnet_configs): public_route_table = RouteTable( camelcase("{self.env}Public".format(**locals())), VpcId=Ref(self.vpc), Tags=[ { 'Key': 'Name', 'Value': "{self.env}-public".format(**locals()) }, {'Key': 'environment', 'Value': self.env} ], DependsOn=self.vpc.title) self.template.add_resource(public_route_table) subnet_count = 0 existing_subnet_ids, existing_subnet_azs, az_balance = self._get_existing_subnet_info("PublicSubnet") for subnet_title, subnet_config in subnet_configs.items(): subnet_count += 1 if f"PublicSubnet{subnet_count}" in existing_subnet_ids: availability_zone = existing_subnet_azs[existing_subnet_ids[f"PublicSubnet{subnet_count}"]] else: availability_zone = min(az_balance, key=az_balance.get) subnet_title = camelcase("{self.env}Public".format(**locals())) + \ pascalcase(re.sub('[^a-zA-Z0-9*]', '', subnet_title)) subnet_name = "{self.env}-public-{subnet_count}".format(**locals()) subnet = Subnet( subnet_title, AvailabilityZone=availability_zone, CidrBlock=subnet_config['cidr'], VpcId=Ref(self.vpc), MapPublicIpOnLaunch=True, Tags=[ {'Key': 'Name', 'Value': subnet_name}, {'Key': 'environment', 'Value': self.env} ] ) self.public_subnets.append(subnet) self.template.add_resource(subnet) subnet_route_table_association = SubnetRouteTableAssociation( camelcase("{self.env}PublicSubnet{subnet_count}Assoc".format(**locals())), RouteTableId=Ref(public_route_table), SubnetId=Ref(subnet) ) self.template.add_resource(subnet_route_table_association) internet_gateway_route = Route( camelcase("{self.env}IgRoute".format(**locals())), DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(self.internet_gateway), RouteTableId=Ref(public_route_table) ) self.template.add_resource(internet_gateway_route) return None
def add_public_subnet_routetable_association1(self): ''' Add a public subnet route-table association to public subnet 1 ''' self.cfn_template.add_resource( SubnetRouteTableAssociation( title=constants.PUB_RT_ASS1, SubnetId=Ref(constants.PUB_SUBNET1), RouteTableId=Ref(constants.PUB_RT), )) return self.cfn_template
def add_private_subnet_routetable_association2(self): ''' Add a private subnet route-table association to private subnet 2 ''' self.cfn_template.add_resource( SubnetRouteTableAssociation( title=constants.PRIV_RT_ASS2, SubnetId=Ref(constants.PRIV_SUBNET2), RouteTableId=Ref(constants.PRIV_RT), )) return self.cfn_template
def add_storage_subnets(template, vpc, az_index, layers): """ Function to add storage subnets inside the VPC :param layers: VPC layers :type layers: dict :param template: VPC Template() :type template: troposphere.Template :param vpc: Vpc() for Ref() :type vpc: troposphere.ec2.Vpc :param az_index: List of AZ Index (a,b,c..) :type az_index: list :returns: tuple() list of rtb, list of subnets """ rtb = RouteTable( "StorageRtb", template=template, VpcId=Ref(vpc), Tags=Tags(Name="StorageRtb") + Tags({f"vpc{DELIM}usage": "storage"}), Metadata=metadata, ) subnets = [] for index, subnet_cidr in zip(az_index, layers["stor"]): subnet = Subnet( f"StorageSubnet{index.upper()}", template=template, CidrBlock=subnet_cidr, VpcId=Ref(vpc), AvailabilityZone=Sub(f"${{AWS::Region}}{index}"), Tags=Tags( Name=If( USE_STACK_NAME_CON_T, Sub(f"${{AWS::StackName}}-Storage-{index}"), Sub(f"${{{ROOT_STACK_NAME_T}}}-Storage-{index}"), ), ) + Tags({f"vpc{DELIM}usage": "storage", f"vpc{DELIM}vpc-id": Ref(vpc)}), Metadata=metadata, ) SubnetRouteTableAssociation( f"StorageSubnetAssoc{index.upper()}", template=template, SubnetId=Ref(subnet), RouteTableId=Ref(rtb), Metadata=metadata, ) subnets.append(subnet) return [rtb], subnets
def add_public_subnet_assoc(availability_zones, prefix): subnet = {} for availability_zone in availability_zones: subnet[availability_zone] = {} subnet[availability_zone]["public"] = {} items = {} for subnet_name in get_subnet_names("public"): items[subnet_name] = t.add_resource( SubnetRouteTableAssociation( prefix + availability_zone.replace("-", "") + subnet_name.upper(), RouteTableId=Ref(public_routing_tables[availability_zone]["public"][subnet_name]), SubnetId=Ref(public_subnets[availability_zone]["public"][subnet_name]), )) subnet[availability_zone]["public"] = items return subnet
def __create_private_subnet(template: Template, vpc): private_subnet_cidr = template.add_parameter(parameter=Parameter( title='PrivateSubnetCidr', Type='String', Default='192.168.2.0/24')) private_subnet = template.add_resource( resource=Subnet(title='SamplePrivateSubnet', CidrBlock=Ref(private_subnet_cidr), VpcId=Ref(vpc))) private_route_table = template.add_resource( resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc))) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePrivateRoteTableAssociation', RouteTableId=Ref(private_route_table), SubnetId=Ref(private_subnet)))
def _create_vpc(self): if self.vpc: self.tpl.add_output(Output(self.OUTPUT_VPC, Value=self.vpc)) self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=','.join(self.subnets))) return vpc = VPC(self.RESOURCE_EKS_VPC.name, CidrBlock=self.vpc_cidr, Tags=Tags(Name=self.tag_name)) self.tpl.add_resource(vpc) gateway = self.tpl.add_resource(InternetGateway(self.RESOURCE_VPC_INTERNET_GATEWAY.name)) self.tpl.add_resource(VPCGatewayAttachment( self.RESOURCE_VPC_GATEWAY_ATTACHMENT.name, VpcId=Ref(vpc), InternetGatewayId=Ref(gateway), DependsOn=gateway, )) rt = self.tpl.add_resource(RouteTable( self.RESOURCE_VPC_ROUTE_TABLE.name, VpcId=Ref(vpc), DependsOn=gateway, Tags=Tags(Name='public subnet', Network='public'), )) self.tpl.add_resource(Route( self.RESOURCE_VPC_ROUTE.name, RouteTableId=Ref(rt), DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref(gateway), )) self.resources.extend(deepcopy([self.RESOURCE_EKS_VPC, self.RESOURCE_VPC_INTERNET_GATEWAY, self.RESOURCE_VPC_GATEWAY_ATTACHMENT, self.RESOURCE_VPC_ROUTE_TABLE, self.RESOURCE_VPC_ROUTE])) subnets = [] vpc_network = IPNetwork(self.vpc_cidr) prefixlen = IPNetwork(self.vpc_cidr).prefixlen + (len(self.zones) - 1).bit_length() cidrs = list(vpc_network.subnet(prefixlen)) for i, zone in enumerate(self.zones): sname = self.RESOURCE_FORMAT_SUBNET.format(i + 1) staname = self.RESOURCE_FORMAT_SUBNET_RTA.format(i + 1) subnet = self.tpl.add_resource(Subnet( sname, AvailabilityZone=zone, VpcId=Ref(vpc), CidrBlock=str(cidrs[i].cidr), Tags=Tags(Name='{}-{}'.format(self.name, str(i + 1))) )) self.resources.append(Resource(sname, 'EKS VPC {}'.format(sname), Status.not_exist)) self.tpl.add_resource(SubnetRouteTableAssociation( staname, SubnetId=Ref(subnet), RouteTableId=Ref(rt) )) self.resources.append(Resource(staname, 'EKS VPC {}'.format(staname), Status.not_exist)) subnets.append(subnet) self.subnet_refs = [Ref(s) for s in subnets] self.tpl.add_output(Output(self.OUTPUT_VPC, Value=Ref(vpc))) self.tpl.add_output(Output(self.OUTPUT_SUBNETS, Value=Join(',', self.subnet_refs)))
def __build_route_table( self, subnet_config: SubnetConfig, subnet_ref: Subnet, vpc: VPC, internet_gateway, nat_gateway: NatGateway ): internet_gateway = If(self.__create_ig, internet_gateway, self.__gateway_id) route_table = self.__template.add_resource( RouteTable( "RouteTable" + subnet_config.name, VpcId=Ref(vpc), Tags=Tags(Name=TAGS_PREFIX + "RouteTable" + subnet_config.name, Stack=Ref("AWS::StackId")), ) ) self.__template.add_resource( SubnetRouteTableAssociation( "RouteAssociation" + subnet_config.name, SubnetId=Ref(subnet_ref), RouteTableId=Ref(route_table) ) ) if subnet_config.default_gateway == Gateways.INTERNET_GATEWAY: self.__template.add_resource( Route( "DefaultRouteDependsOn" + subnet_config.name, RouteTableId=Ref(route_table), DestinationCidrBlock="0.0.0.0/0", GatewayId=internet_gateway, DependsOn="VPCGatewayAttachment", Condition=self.__create_ig, ) ) self.__template.add_resource( Route( "DefaultRouteNoDependsOn" + subnet_config.name, RouteTableId=Ref(route_table), DestinationCidrBlock="0.0.0.0/0", GatewayId=internet_gateway, Condition=self.__existing_ig, # cant use Not() ) ) elif subnet_config.default_gateway == Gateways.NAT_GATEWAY: self.__template.add_resource( Route( "NatRoute" + subnet_config.name, RouteTableId=Ref(route_table), DestinationCidrBlock="0.0.0.0/0", NatGatewayId=Ref(nat_gateway), ) )
def subnet_adder(self, subnet_list, name_ref, route_table_name): for index, cidr in enumerate(subnet_list): self.template.add_resource( Subnet( name_ref + str(index), CidrBlock=str(cidr), VpcId=Ref(self.vpc), # not a fan of the below line, but will do for now. This basically exists to ensure that subnets are # distributed between availability zones. However, since we are always creating 3 pub/priv subnets # this will fail if there are less than 3 AZs in a given region. Ideally the subnet count & # distribution would happen dynamically based on how many zones are available. AvailabilityZone=Select(index, self.azs))) self.template.add_resource( SubnetRouteTableAssociation( route_table_name + str(index), SubnetId=Ref(name_ref + str(index)), RouteTableId=Ref(route_table_name)))
def __init__(self, title, template, *args, **kwargs): super().__init__(title, template, *args, **kwargs) RouteTable(title + 'routetable', template, VpcId=self.properties['VpcId'], Tags=kwargs['Tags']) Route(title + 'route', template, DestinationCidrBlock='0.0.0.0/0', NatGatewayId=Ref( 'public' + self.properties['AvailabilityZone'].replace('-', '') + 'natgateway'), RouteTableId=Ref(self.name + 'routetable')) SubnetRouteTableAssociation(title + 'subnetroutetableassociation', template, RouteTableId=Ref(self.name + 'routetable'), SubnetId=Ref(self))
def __build_route_table( self, subnet_config: SubnetConfig, subnet_ref: Subnet, vpc: VPC, internet_gateway: InternetGateway, internet_gateway_attachment: VPCGatewayAttachment, nat_gateway: NatGateway, ): route_table = self.__template.add_resource( RouteTable( "RouteTable" + subnet_config.name, VpcId=Ref(vpc), Tags=Tags(Name=Sub("${AWS::StackName}_route_table_" + subnet_config.name), Stack=Ref("AWS::StackId")), )) self.__template.add_resource( SubnetRouteTableAssociation("RouteAssociation" + subnet_config.name, SubnetId=Ref(subnet_ref), RouteTableId=Ref(route_table))) if subnet_config.default_gateway == Gateways.INTERNET_GATEWAY: self.__template.add_resource( Route( "DefaultRoute" + subnet_config.name, RouteTableId=Ref(route_table), DestinationCidrBlock="0.0.0.0/0", GatewayId=Ref(internet_gateway), DependsOn=internet_gateway_attachment, )) elif subnet_config.default_gateway == Gateways.NAT_GATEWAY: self.__template.add_resource( Route( "NatRoute" + subnet_config.name, RouteTableId=Ref(route_table), DestinationCidrBlock="0.0.0.0/0", NatGatewayId=Ref(nat_gateway), ))
def __create_private_subnet(template: Template, vpc): private_route_table = template.add_resource( resource=RouteTable(title='SamplePrivateRoteTable', VpcId=Ref(vpc))) for suffix in ['A', 'B']: private_subnet_cidr = template.add_parameter( parameter=Parameter(title='PrivateSubnetCidr' + suffix, Type='String', Default=__get_subnet_cidr())) private_subnet = template.add_resource( resource=Subnet(title='SamplePrivateSubnet' + suffix, AvailabilityZone=Sub('${AWS::Region}' + suffix.lower()), CidrBlock=Ref(private_subnet_cidr), VpcId=Ref(vpc))) add_export(template, private_subnet.title + 'Id', Ref(private_subnet)) template.add_resource(resource=SubnetRouteTableAssociation( title='SamplePrivateRoteTableAssociation' + suffix, RouteTableId=Ref(private_route_table), SubnetId=Ref(private_subnet)))
def _add_route_tables(self): self.routeTable = RouteTable( 'RouteTable', VpcId=Ref(self.parameters['VpcId']), Tags=Tags(Name=Join( '-', [Ref(self.parameters['StackPrefix']), "public"])), ) self.template.add_resource(self.routeTable) self.public_route = Route( 'Route', GatewayId=Ref(self.parameters['IgwId']), DestinationCidrBlock='0.0.0.0/0', RouteTableId=Ref(self.routeTable), ) self.template.add_resource(self.public_route) self.subnetRouteTableAssociation1 = SubnetRouteTableAssociation( 'PubSubnetRouteTableAssociation1', SubnetId=Ref(self.public_subnets['PubSubnet1']), RouteTableId=Ref(self.routeTable), ) self.template.add_resource(self.subnetRouteTableAssociation1)
def __init__(self, title, template, *args, **kwargs): super().__init__(title, template, *args, **kwargs) EIP(title + 'eip', template, Domain='vpc', DependsOn='vpcgatewayattachment') NatGateway(title + 'natgateway', template, AllocationId=GetAtt(title + 'eip', 'AllocationId'), SubnetId=Ref(self), DependsOn=title + 'eip') RouteTable(title + 'routetable', template, VpcId=self.properties['VpcId'], Tags=kwargs['Tags']) Route(title + 'route', template, DestinationCidrBlock='0.0.0.0/0', GatewayId=Ref('internetgateway'), RouteTableId=Ref(title + 'routetable')) SubnetRouteTableAssociation(title + 'subnetroutetableassociation', template, RouteTableId=Ref(title + 'routetable'), SubnetId=Ref(self))
t.add_resource(route_igw) # subnets app_subnets = [] route_table_associations = [] for subnet in config['vpc']['app_subnets']: sub = Subnet('PublicSubnet' + subnet[0]) sub.VpcId = Ref(vpc) sub.CidrBlock = subnet[1] sub.AvailabilityZone = subnet[2] sub.Tags = Tags(Application = Ref('AWS::StackName')) t.add_resource(sub) app_subnets.append(sub) # route table associations need to be handled per subnet rta = SubnetRouteTableAssociation(config['name'] + 'Rta' + subnet[0]) rta.RouteTableId = Ref(route_table) rta.SubnetId = Ref(sub) t.add_resource(rta) route_table_associations.append(rta) # security group addresses # list of tuples # [('cidr block', 'cloudformation resource name')] home_egress_ips = [ ('68.193.66.133/32', 'home') ] # security groups home_ssh = SecurityGroup(config['name'] + 'homeSsh') home_ssh.GroupDescription = 'home SSH in'