# This template creates the VPC setup required to establish a cross-account or
# cross-region AWS Glue connection. It creates the following components:
#   A VPC with:
#     1 public subnet
#     1 private subnet
#   An Internet Gateway, and a route for outbound traffic from the public subnet through the Internet Gateway
#   A NAT Gateway, and a route for outbound traffic from the private subnet through the NAT Gateway
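# Address ranges for the VPC and its two subnets. Each value is checked against
# AllowedPattern when the stack is created or updated, so a malformed range is
# rejected before any resource is provisioned. The pattern accepts dotted-quad
# IPv4 with a /16 to /28 prefix; it does not check that the subnet ranges fall
# inside the VPC range or that they do not overlap each other.
Parameters:
  VPCForGlueCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: '10.192.0.0/16'
    AllowedPattern: '^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(1[6-9]|2[0-8])$'
    ConstraintDescription: Must be an IPv4 CIDR block of the form x.x.x.x/16-28
  GluePublicSubnetCIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
    Type: String
    Default: '10.192.10.0/24'
    AllowedPattern: '^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(1[6-9]|2[0-8])$'
    ConstraintDescription: Must be an IPv4 CIDR block of the form x.x.x.x/16-28
  GluePrivateSubnetCIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone
    Type: String
    Default: '10.192.20.0/24'
    AllowedPattern: '^((25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])/(1[6-9]|2[0-8])$'
    ConstraintDescription: Must be an IPv4 CIDR block of the form x.x.x.x/16-28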
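# Network layout: one VPC, a public subnet that hosts only the NAT gateway, and
# a private subnet whose default route leaves through that NAT gateway.
#
# NOTE(review): this template defines no security groups, network ACLs or VPC
# flow logs. Whatever is attached to the private subnet runs under the VPC's
# default security group unless the caller supplies its own; confirm the
# security group used for the Glue connection before relying on this stack.
Resources:
  VPCForGlue:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: !Ref VPCForGlueCIDR
      Tags:
        - Key: Name
          Value: VPCForGlue

  # Public subnet: routed to the Internet Gateway (see PublicRoute).
  GluePublicSubnet:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPCForGlue
      AvailabilityZone: !Select [0, !GetAZs '']
      CidrBlock: !Ref GluePublicSubnetCIDR
      # Every instance launched here receives a public IPv4 address.
      # NOTE(review): the NAT gateway uses its own Elastic IP and does not need
      # this; consider false if nothing else is meant to be internet-reachable.
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: GluePublicSubnet

  # Private subnet: same Availability Zone as the public subnet, no public
  # addresses, outbound traffic only via the NAT gateway (see PrivateRoute).
  GluePrivateSubnet:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPCForGlue
      AvailabilityZone: !Select [0, !GetAZs '']
      CidrBlock: !Ref GluePrivateSubnetCIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: GluePrivateSubnet

  InternetGateway:
    Type: 'AWS::EC2::InternetGateway'
    Properties:
      Tags:
        - Key: Name
          Value: IGForOutgoingGlueTraffic
        - Key: Network
          Value: Public

  InternetGatewayAttachment:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      VpcId: !Ref VPCForGlue
      InternetGatewayId: !Ref InternetGateway

  PublicRouteTable:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref VPCForGlue
      Tags:
        - Key: Network
          Value: Public
        - Key: Name
          Value: GluePublicRouteTable

  # Default route of the public subnet. The explicit DependsOn is required:
  # the route cannot be created until the gateway is attached to the VPC, and
  # !Ref InternetGateway alone does not imply that ordering.
  PublicRoute:
    Type: 'AWS::EC2::Route'
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      GatewayId: !Ref InternetGateway

  GluePublicSubnetRouteTableAssociation:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref GluePublicSubnet
      RouteTableId: !Ref PublicRouteTable

  # Elastic IP for the NAT gateway; this is the source address the outside
  # world sees for traffic leaving the private subnet.
  # An EIP defined in the same template as its VPC has to wait for the
  # VPC-gateway attachment, not just for the VPC (the original declared
  # DependsOn: VPCForGlue, which does not guarantee that ordering).
  NatPublicIP:
    Type: 'AWS::EC2::EIP'
    DependsOn: InternetGatewayAttachment
    Properties:
      Domain: vpc

  # Lives in the public subnet. The dependency on NatPublicIP is implied by
  # !GetAtt, so no explicit DependsOn is needed for it.
  NatGateway:
    Type: 'AWS::EC2::NatGateway'
    Properties:
      AllocationId: !GetAtt NatPublicIP.AllocationId
      SubnetId: !Ref GluePublicSubnet
      Tags:
        - Key: Name
          Value: GlueNatGateway

  PrivateRouteTable:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref VPCForGlue
      Tags:
        - Key: Network
          Value: Private
        - Key: Name
          Value: GluePrivateRouteTable

  # Default route of the private subnet: all outbound traffic goes through the
  # NAT gateway, so there is no route from the Internet Gateway into this subnet.
  # The destination is unrestricted (0.0.0.0/0); egress filtering, if wanted,
  # has to come from security groups or network ACLs defined elsewhere.
  PrivateRoute:
    Type: 'AWS::EC2::Route'
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      NatGatewayId: !Ref NatGateway

  GluePrivateSubnetRouteTableAssociation:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref GluePrivateSubnet
      RouteTableId: !Ref PrivateRouteTable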