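This post walks through creating a Public Subnet, a Private Subnet, and a NAT Gateway with CloudFormation.
Because a NAT gateway is created, this stack incurs cost.
When testing, test quickly and delete the stack afterwards to keep the cost low.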
<1> Requirements - 1 public subnet, 1 private subnet, 1 NAT
<2> What has to go into the CloudFormation code
<3> CloudFormation content (file attached)
<4> See other CloudFormation files
<1> Requirements - 1 public subnet, 1 private subnet, 1 NAT
Required resources
1 VPC
1 Public Subnet
1 Private Subnet
1 NAT
<2> What has to go into the CloudFormation code
Public-related: 4
PublicSubnet1
PublicRouteTable: the route table
PublicRoute 0.0.0.0
PublicSubnetRouteTableAssociation1
Private-related: 3
PrivateSubnet1
PrivateRouteTable: the route table
PrivateSubnetRouteTableAssociation1
Common
VPC
IGW
IGW Attach
NAT gateway creation: 3
NatGateway
EIP
Route - add 1 NAT-related route
<3> CloudFormation content
Configuration file
AWSTemplateFormatVersion: "2010-09-09"
Description: Deploy a VPC
Resources:
  # Common: VPC, Internet gateway and its attachment
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: Lab VPC
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: Lab Internet Gateway
  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  # Public: subnet, route table, default route to the IGW, association
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.0/24
      AvailabilityZone: !Select
        - '0'
        - !GetAZs ''
      Tags:
        - Key: Name
          Value: Public Subnet 1
  # Private 1: private subnet
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select
        - '0'
        - !GetAZs ''
      Tags:
        - Key: Name
          Value: Private Subnet 1
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Public Route Table
  PublicRoute:
    Type: AWS::EC2::Route
    # The IGW must be attached to the VPC before a route can point at it
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
  PublicSubnetRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable
  # NAT 1: NAT gateway. It has to live in the public subnet: its own traffic
  # leaves through the IGW route, which only the public route table has.
  NATGW01:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt EIP.AllocationId
      SubnetId: !Ref PublicSubnet1
  # NAT 2: Elastic IP for the NAT gateway
  EIP:
    DependsOn: AttachGateway
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc
  # Private 2: private route table
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Private Route Table
  # NAT 3: default route of the private subnet goes to the NAT gateway
  PrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NATGW01
  # Private 3: associate the private subnet with the private route table
  PrivateSubnetRouteTableAssociation1:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable
Outputs:
  VPC:
    Description: VPC
    Value: !Ref VPC
  AZ1:
    Description: Availability Zone 1
    Value: !GetAtt
      - PublicSubnet1
      - AvailabilityZone
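
The routing rule behind the resource list in <2>, as an added example that is not part of the original post: a subnet is public only when its route table sends 0.0.0.0/0 to the Internet gateway, and a NAT gateway must sit in such a subnet for the private route to reach the Internet. The check runs over a constructed JSON-form copy of the template's routing resources; the function names and the sample dict are this example's own assumptions.

```python
# Added example (not the post's code): CloudFormation JSON form, !Ref X == {"Ref": "X"}.

def ref(value):
    """Logical ID inside a {"Ref": id} value, else None."""
    return value.get("Ref") if isinstance(value, dict) else None

def by_type(resources, cfn_type):
    """Map logical ID -> Properties for every resource of one type."""
    return {k: v.get("Properties", {}) for k, v in resources.items()
            if v["Type"] == cfn_type}

def public_subnets(resources):
    """Subnets whose route table sends 0.0.0.0/0 to an Internet gateway."""
    igws = set(by_type(resources, "AWS::EC2::InternetGateway"))
    tables = {ref(p["RouteTableId"])
              for p in by_type(resources, "AWS::EC2::Route").values()
              if p.get("DestinationCidrBlock") == "0.0.0.0/0"
              and ref(p.get("GatewayId")) in igws}
    assocs = by_type(resources, "AWS::EC2::SubnetRouteTableAssociation")
    return {ref(p["SubnetId"]) for p in assocs.values()
            if ref(p["RouteTableId"]) in tables}

def misplaced_nat_gateways(resources):
    """NAT gateways whose SubnetId is not a public subnet (no path to the IGW)."""
    public = public_subnets(resources)
    nats = by_type(resources, "AWS::EC2::NatGateway")
    return sorted(n for n, p in nats.items() if ref(p.get("SubnetId")) not in public)

def sample_resources(nat_subnet):
    """Constructed sample: routing resources of a 1 public / 1 private VPC."""
    r = lambda x: {"Ref": x}
    res = lambda t, **props: {"Type": t, "Properties": props}
    assoc, route = "AWS::EC2::SubnetRouteTableAssociation", "AWS::EC2::Route"
    return {
        "InternetGateway": res("AWS::EC2::InternetGateway"),
        "PublicRoute": res(route, RouteTableId=r("PublicRouteTable"),
            DestinationCidrBlock="0.0.0.0/0", GatewayId=r("InternetGateway")),
        "PublicSubnetRouteTableAssociation1": res(
            assoc, SubnetId=r("PublicSubnet1"), RouteTableId=r("PublicRouteTable")),
        "NATGW01": res("AWS::EC2::NatGateway", SubnetId=r(nat_subnet)),
        "PrivateRoute": res(route, RouteTableId=r("PrivateRouteTable"),
            DestinationCidrBlock="0.0.0.0/0", NatGatewayId=r("NATGW01")),
        "PrivateSubnetRouteTableAssociation1": res(
            assoc, SubnetId=r("PrivateSubnet1"), RouteTableId=r("PrivateRouteTable")),
    }

if __name__ == "__main__":
    for subnet in ("PublicSubnet1", "PrivateSubnet1"):
        print(subnet, "->", misplaced_nat_gateways(sample_resources(subnet)) or "OK")
```

A NAT gateway reported here would leave the private subnet with a default route that leads nowhere, so instances behind it get no outbound access while the gateway still bills.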
<4> See other CloudFormation files
https://brunch.co.kr/@topasvga/1781