aws upi/cloudformation: add templates to create CAGW and subnets

2026-02-05 06:46:36 +01:00 · 2023-10-31 04:02:54 -03:00
parent ad72250b80
commit 14545e26cd
2 changed files with 153 additions and 0 deletions
--- a/upi/aws/cloudformation/01_vpc_01_carrier_gateway.yaml
+++ b/upi/aws/cloudformation/01_vpc_01_carrier_gateway.yaml
@@ -0,0 +1,65 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: Template for Creating Wavelength Zone Gateway (Carrier Gateway).
+
+Parameters:
+  VpcId:
+    Description: VPC ID to associate the Carrier Gateway.
+    Type: String
+    AllowedPattern: ^(?:(?:vpc)(?:-[a-zA-Z0-9]+)?\b|(?:[0-9]{1,3}\.){3}[0-9]{1,3})$
+    ConstraintDescription: VPC ID must be with valid name, starting with vpc-.*.
+  ClusterName:
+    Description: Cluster Name or Prefix name to prepend the tag Name for each subnet.
+    Type: String
+    AllowedPattern: ".+"
+    ConstraintDescription: ClusterName parameter must be specified.
+
+Resources:
+  CarrierGateway:
+    Type: "AWS::EC2::CarrierGateway"
+    Properties:
+      VpcId: !Ref VpcId
+      Tags:
+      - Key: Name
+        Value: !Join ['-', [!Ref ClusterName, "cagw"]]
+
+  PublicRouteTable:
+    Type: "AWS::EC2::RouteTable"
+    Properties:
+      VpcId: !Ref VpcId
+      Tags:
+      - Key: Name
+        Value: !Join ['-', [!Ref ClusterName, "public-carrier"]]
+
+  PublicRoute:
+    Type: "AWS::EC2::Route"
+    DependsOn: CarrierGateway
+    Properties:
+      RouteTableId: !Ref PublicRouteTable
+      DestinationCidrBlock: 0.0.0.0/0
+      CarrierGatewayId: !Ref CarrierGateway
+
+  S3Endpoint:
+    Type: AWS::EC2::VPCEndpoint
+    Properties:
+      PolicyDocument:
+        Version: 2012-10-17
+        Statement:
+        - Effect: Allow
+          Principal: '*'
+          Action:
+          - '*'
+          Resource:
+          - '*'
+      RouteTableIds:
+      - !Ref PublicRouteTable
+      ServiceName: !Join
+      - ''
+      - - com.amazonaws.
+        - !Ref 'AWS::Region'
+        - .s3
+      VpcId: !Ref VpcId
+
+Outputs:
+  PublicRouteTableId:
+    Description: Public Route table ID
+    Value: !Ref PublicRouteTable
--- a/upi/aws/cloudformation/01_vpc_99_subnet.yaml
+++ b/upi/aws/cloudformation/01_vpc_99_subnet.yaml
@@ -0,0 +1,88 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: Template for Best Practice Subnets (Public and Private)
+
+Parameters:
+  VpcId:
+    Description: VPC ID which the subnets will be part.
+    Type: String
+    AllowedPattern: ^(?:(?:vpc)(?:-[a-zA-Z0-9]+)?\b|(?:[0-9]{1,3}\.){3}[0-9]{1,3})$
+    ConstraintDescription: VPC ID must be with valid name, starting with vpc-.*.
+  ClusterName:
+    Description: Cluster Name or Prefix name to prepend the tag Name for each subnet.
+    Type: String
+    AllowedPattern: ".+"
+    ConstraintDescription: ClusterName parameter must be specified.
+  ZoneName:
+    Description: Zone Name to create the subnets (Example us-west-2-lax-1a).
+    Type: String
+    AllowedPattern: ".+"
+    ConstraintDescription: ZoneName parameter must be specified.
+  PublicRouteTableId:
+    Description: Public Route Table ID to associate the public subnet.
+    Type: String
+    AllowedPattern: ".+"
+    ConstraintDescription: PublicRouteTableId parameter must be specified.
+  PublicSubnetCidr:
+    # yamllint disable-line rule:line-length
+    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-4]))$
+    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-24.
+    Default: 10.0.128.0/20
+    Description: CIDR block for Public Subnet
+    Type: String
+
+  PrivateRouteTableId:
+    Description: Public Route Table ID to associate the Local Zone subnet
+    Type: String
+    AllowedPattern: ".+"
+    ConstraintDescription: PublicRouteTableId parameter must be specified.
+  PrivateSubnetCidr:
+    # yamllint disable-line rule:line-length
+    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-4]))$
+    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-24.
+    Default: 10.0.128.0/20
+    Description: CIDR block for Public Subnet
+    Type: String
+
+Resources:
+  PublicSubnet:
+    Type: "AWS::EC2::Subnet"
+    Properties:
+      VpcId: !Ref VpcId
+      CidrBlock: !Ref PublicSubnetCidr
+      AvailabilityZone: !Ref ZoneName
+      Tags:
+      - Key: Name
+        Value: !Join ['-', [!Ref ClusterName, "public", !Ref ZoneName]]
+
+  PublicSubnetRouteTableAssociation:
+    Type: "AWS::EC2::SubnetRouteTableAssociation"
+    Properties:
+      SubnetId: !Ref PublicSubnet
+      RouteTableId: !Ref PublicRouteTableId
+
+  PrivateSubnet:
+    Type: "AWS::EC2::Subnet"
+    Properties:
+      VpcId: !Ref VpcId
+      CidrBlock: !Ref PrivateSubnetCidr
+      AvailabilityZone: !Ref ZoneName
+      Tags:
+      - Key: Name
+        Value: !Join ['-', [!Ref ClusterName, "private", !Ref ZoneName]]
+
+  PrivateSubnetRouteTableAssociation:
+    Type: "AWS::EC2::SubnetRouteTableAssociation"
+    Properties:
+      SubnetId: !Ref PrivateSubnet
+      RouteTableId: !Ref PrivateRouteTableId
+
+Outputs:
+  PublicSubnetId:
+    Description: Subnet ID of the public subnets.
+    Value:
+      !Join ["", [!Ref PublicSubnet]]
+
+  PrivateSubnetId:
+    Description: Subnet ID of the private subnets.
+    Value:
+      !Join ["", [!Ref PrivateSubnet]]