20탄-7. CF -Pub1,Pri1,NAT 1개

Cloudformation 으로 Public Subnet, Private Subnet, NAT Gateway를  생성하는 과정이다.

NAT가 생성 되므로 비용이 발생된다.

테스트의 경우 빠르게 테스트하고 삭제해야 비용이 적게 나온다.

<1> 요청 사항 - Pub 1 , Pri 1 , NAT 1개

<2> Cloudformation 코드에 들어가야 하는것

<3> Cloudformation 내용 (파일 첨부)

<4> 다른 Cloudformation 파일 보기

<1> 요청 사항 - Pub 1 , Pri 1 , NAT 1개

필요 리소스

VPC 1개

Public Subnet 1개

Private Sunet 1개 

NAT 1개

<2> Cloudformation 코드에 들어가야 하는것

pub관련  4개

PublicSubnet1 

PublicRouteTable 테이블

PublicRoute  0.0.0.0

PublicSubnetRouteTableAssociation1

private 관련  - 3개

PrivateSubnet1

PrivateRouteTable:  테이블

PrivateSubnetRouteTableAssociation1: 

공통

VPC

IGW

IGW Attatch

NAT gateway생성 - 3개

NatGateway

EIP

Route   - nat관련 라우트 1개 추가

<3> Cloudformation 내용

설정 파일

AWSTemplateFormatVersion: 2010-09-09

Description: Deploy a VPC

Resources:

  VPC:

    Type: AWS::EC2::VPC

    Properties:

      CidrBlock: 10.0.0.0/16

      EnableDnsHostnames: true

      Tags:

      - Key: Name

        Value: Lab VPC

  InternetGateway:

    Type: AWS::EC2::InternetGateway

    Properties:

      Tags:

      - Key: Name

        Value: Lab Internet Gateway

  AttachGateway:

    Type: AWS::EC2::VPCGatewayAttachment

    Properties:

      VpcId: !Ref VPC

      InternetGatewayId: !Ref InternetGateway

  PublicSubnet1:

    Type: AWS::EC2::Subnet

    Properties:

      VpcId: !Ref VPC

      CidrBlock: 10.0.0.0/24

      AvailabilityZone: !Select 

        - '0'

        - !GetAZs ''

      Tags:

        - Key: Name

          Value: Public Subnet 1

# 1

  PrivateSubnet1:

    Type: AWS::EC2::Subnet    

    Properties:

      VpcId: !Ref VPC

      CidrBlock: 10.0.1.0/24

      AvailabilityZone: !Select 

        - '0'

        - !GetAZs ''

      Tags:

        - Key: Name

          Value: Private Subnet 1

  PublicRouteTable:

    Type: AWS::EC2::RouteTable

    Properties:

      VpcId: !Ref VPC

      Tags:

        - Key: Name

          Value: Public Route Table

  PublicRoute:

    Type: AWS::EC2::Route

    Properties:

      RouteTableId: !Ref PublicRouteTable

      DestinationCidrBlock: 0.0.0.0/0

      GatewayId: !Ref InternetGateway

  PublicSubnetRouteTableAssociation1:

    Type: AWS::EC2::SubnetRouteTableAssociation

    Properties:

      SubnetId: !Ref PublicSubnet1

      RouteTableId: !Ref PublicRouteTable

# nat1

  NATGW01:

    Type: AWS::EC2::NatGateway    

    Properties:

      AllocationId: !GetAtt EIP.AllocationId

      SubnetId: !Ref PrivateSubnet1

# nat2

  EIP:

    DependsOn: AttachGateway

    Type: AWS::EC2::EIP    

    Properties:

      Domain: vpc

# 2

  PrivateRouteTable:

    Type: AWS::EC2::RouteTable

    Properties:

      VpcId: !Ref VPC

      Tags:

      - Key: Name

        Value: Private Route Table  

# nat 3

  PrivateRoute:

    Type: AWS::EC2::Route    

    Properties:

      RouteTableId: !Ref PrivateRouteTable

      DestinationCidrBlock: 0.0.0.0/0

      NatGatewayId: !Ref NATGW01

# 3

  PrivateSubnetRouteTableAssociation1:

    Type: AWS::EC2::SubnetRouteTableAssociation

    Properties:

      SubnetId: !Ref PrivateSubnet1

      RouteTableId: !Ref PrivateRouteTable      

Outputs:

  VPC:

    Description: VPC

    Value: !Ref VPC

  AZ1:

    Description: Availability Zone 1

    Value: !GetAtt 

      - PublicSubnet1

      - AvailabilityZone

41 vpc1-pub1-pri1-nat1.yaml

<4> 다른 Cloudformation 파일 보기

https://brunch.co.kr/@topasvga/1781

(몰아보기) CloudFormation