This is the fourth installment in the series on building environments with CloudFormation.
So far, as a CloudFormation primer, the "VPC", "Subnet" and "Route table" posts each covered one piece in its own stack. It is quicker to combine these into a single stack and run it once, so this post explains how to consolidate them into one template.
Architecture diagram (image not included in this extract)
AWSTemplateFormatVersion: 2010-09-09
Description: Creation of VPC and Internet gateway, Subnet.
Parameters:
  ProjectCode:
    Type: String
    Default: itc109
    Description: Project Code
  IPv4CIDRblock:
    Type: String
    Default: 10.0.0.0/16
    Description: VPC CIDR Block
  Tenancy:
    Type: String
    Default: default
    Description: Tenancy
    AllowedValues:
      - default
      - dedicated
  SUBNETCIDRpublicAZa:
    Type: String
    Default: 10.0.0.0/24
    Description: public AvailabilityZone(A) Subnet CIDR Block
  SUBNETCIDRpublicAZc:
    Type: String
    Default: 10.0.1.0/24
    Description: public AvailabilityZone(C) Subnet CIDR Block
  SUBNETCIDRprivateAZa:
    Type: String
    Default: 10.0.2.0/24
    Description: private AvailabilityZone(A) Subnet CIDR Block
  SUBNETCIDRprivateAZc:
    Type: String
    Default: 10.0.3.0/24
    Description: private AvailabilityZone(C) Subnet CIDR Block
  TAGpublic:
    Type: String
    Default: public
    Description: Please set a name
  TAGprivate:
    Type: String
    Default: private
    Description: Please set a name
Resources:
  AttachGateway:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  VPC:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock:
        Fn::Sub: ${IPv4CIDRblock}
      EnableDnsSupport: 'true'
      EnableDnsHostnames: 'true'
      InstanceTenancy: !Ref Tenancy
      Tags:
        - Key: Name
          Value:
            Fn::Sub: vpc-${ProjectCode}
  InternetGateway:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::InternetGateway'
    Properties:
      Tags:
        - Key: Name
          Value:
            Fn::Sub: igw-${ProjectCode}
  SUBNETpublicAZa:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock:
        Fn::Sub: ${SUBNETCIDRpublicAZa}
      AvailabilityZone: ap-northeast-3a
      Tags:
        - Key: Name
          Value:
            Fn::Sub: subnet-${ProjectCode}-public-apne1a
  SUBNETpublicAZc:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock:
        Fn::Sub: ${SUBNETCIDRpublicAZc}
      AvailabilityZone: ap-northeast-3c
      Tags:
        - Key: Name
          Value:
            Fn::Sub: subnet-${ProjectCode}-public-apne1c
  SUBNETprivateAZa:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock:
        Fn::Sub: ${SUBNETCIDRprivateAZa}
      AvailabilityZone: ap-northeast-3a
      Tags:
        - Key: Name
          Value:
            Fn::Sub: subnet-${ProjectCode}-private-apne1a
  SUBNETprivateAZc:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock:
        Fn::Sub: ${SUBNETCIDRprivateAZc}
      AvailabilityZone: ap-northeast-3c
      Tags:
        - Key: Name
          Value:
            Fn::Sub: subnet-${ProjectCode}-private-apne1c
  ROUTETABLEpublic:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value:
            Fn::Sub: rtb-${ProjectCode}-${TAGpublic}
  ROUTETABLEprivate:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value:
            Fn::Sub: rtb-${ProjectCode}-${TAGprivate}
  ROUTE:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::Route'
    # A route that targets an Internet gateway can only be created once the
    # gateway is attached to the VPC, so declare that dependency explicitly.
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref ROUTETABLEpublic
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  ASSOCIATIONpublicAZa:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref ROUTETABLEpublic
      SubnetId:
        Fn::Sub: ${SUBNETpublicAZa}
  ASSOCIATIONpublicAZc:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref ROUTETABLEpublic
      SubnetId:
        Fn::Sub: ${SUBNETpublicAZc}
  ASSOCIATIONprivateAZa:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref ROUTETABLEprivate
      SubnetId:
        Fn::Sub: ${SUBNETprivateAZa}
  ASSOCIATIONprivateAZc:
    DeletionPolicy: Delete
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref ROUTETABLEprivate
      SubnetId:
        Fn::Sub: ${SUBNETprivateAZc}
Outputs:
  VPCId:
    Value: !Ref VPC
    Export:
      Name:
        Fn::Sub: vpc
  InternetGatewayId:
    Value: !Ref InternetGateway
    Export:
      Name:
        Fn::Sub: igw
  SUBNETpublicAZa:
    Description: 'Subnet For public Range, AZ:a'
    Value: !Ref SUBNETpublicAZa
    Export:
      Name:
        Fn::Sub: subnet-public-apne1a
  SUBNETpublicAZc:
    Description: 'Subnet For public Range, AZ:c'
    Value: !Ref SUBNETpublicAZc
    Export:
      Name:
        Fn::Sub: subnet-public-apne1c
  SUBNETprivateAZa:
    Description: 'Subnet For private Range, AZ:a'
    Value: !Ref SUBNETprivateAZa
    Export:
      Name:
        Fn::Sub: subnet-private-apne1a
  SUBNETprivateAZc:
    Description: 'Subnet For private Range, AZ:c'
    Value: !Ref SUBNETprivateAZc
    Export:
      Name:
        Fn::Sub: subnet-private-apne1c
This is a simple VPC layout, but the template is easy to adapt, for example by adding more subnets.
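When the template grows (more subnets, more route tables), the two things most worth checking before deploying are that every subnet CIDR fits inside the VPC range without overlapping another subnet, and that only the subnets meant to be public sit behind a route table with a 0.0.0.0/0 route to the Internet gateway. The script below is an added example, not part of the original post or of the template above: it mirrors the template's parameter defaults, route tables and associations as plain Python data (constructed here; the resource names match the template, the `SUBNETS`, `ROUTE_TABLES` and `ASSOCIATIONS` dictionaries are this example's own) and runs both checks offline with the standard `ipaddress` module.

```python
"""Offline layout checks for the combined VPC/subnet/route-table template."""
import ipaddress

# Values copied from the template's parameter defaults (constructed input for this example).
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {
    "SUBNETpublicAZa":  {"cidr": "10.0.0.0/24", "az": "ap-northeast-3a"},
    "SUBNETpublicAZc":  {"cidr": "10.0.1.0/24", "az": "ap-northeast-3c"},
    "SUBNETprivateAZa": {"cidr": "10.0.2.0/24", "az": "ap-northeast-3a"},
    "SUBNETprivateAZc": {"cidr": "10.0.3.0/24", "az": "ap-northeast-3c"},
}
# Each route table as a list of (destination, target); only the public table
# carries the default route to the Internet gateway, as in the template.
ROUTE_TABLES = {
    "ROUTETABLEpublic": [("0.0.0.0/0", "InternetGateway")],
    "ROUTETABLEprivate": [],
}
# Subnet -> route table, mirroring the four SubnetRouteTableAssociation resources.
ASSOCIATIONS = {
    "SUBNETpublicAZa": "ROUTETABLEpublic",
    "SUBNETpublicAZc": "ROUTETABLEpublic",
    "SUBNETprivateAZa": "ROUTETABLEprivate",
    "SUBNETprivateAZc": "ROUTETABLEprivate",
}


def check_cidrs(vpc_cidr, subnets):
    """Return problems: subnets outside the VPC range, or subnets overlapping each other."""
    vpc = ipaddress.ip_network(vpc_cidr)
    nets = {name: ipaddress.ip_network(s["cidr"]) for name, s in subnets.items()}
    problems = []
    for name, net in nets.items():
        if not net.subnet_of(vpc):
            problems.append(f"{name}: {net} is not inside VPC {vpc}")
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} and {b} overlap ({nets[a]} / {nets[b]})")
    return problems


def internet_exposed(route_table, route_tables):
    """True if the route table has a default route (0.0.0.0/0) pointing at the Internet gateway."""
    return any(dest == "0.0.0.0/0" and target == "InternetGateway"
               for dest, target in route_tables[route_table])


def check_exposure(subnets, associations, route_tables):
    """Public subnets must reach the IGW, private ones must not, and none may be left unassociated
    (an unassociated subnet silently falls back to the VPC's main route table)."""
    problems = []
    for name in subnets:
        rtb = associations.get(name)
        if rtb is None:
            problems.append(f"{name}: no route table association (would use the VPC main table)")
            continue
        exposed = internet_exposed(rtb, route_tables)
        wants_public = "public" in name
        if exposed and not wants_public:
            problems.append(f"{name}: private subnet has an Internet route via {rtb}")
        if wants_public and not exposed:
            problems.append(f"{name}: public subnet has no Internet route via {rtb}")
    return problems


def run_checks(vpc_cidr=VPC_CIDR, subnets=SUBNETS,
               associations=ASSOCIATIONS, route_tables=ROUTE_TABLES):
    """Run both checks and return the combined list of problems (empty means clean)."""
    return check_cidrs(vpc_cidr, subnets) + check_exposure(subnets, associations, route_tables)


if __name__ == "__main__":
    for line in run_checks() or ["layout OK"]:
        print(line)
```

The exposure check keys off the "public"/"private" naming convention the template already uses for its logical IDs, so a new subnet added with the same convention is checked automatically; a subnet attached to the wrong table, or forgotten in the associations, is reported before anything reaches AWS.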