20탄-7. CF -Pub1,Pri1,NAT 1개

Cloudformation 으로 Public Subnet, Private Subnet, NAT Gateway를 생성하는 과정이다.

NAT가 생성 되므로 비용이 발생된다.

테스트의 경우 빠르게 테스트하고 삭제해야 비용이 적게 나온다.

<1> 요청 사항 - Pub 1 , Pri 1 , NAT 1개

<2> Cloudformation 코드에 들어가야 하는것

<3> Cloudformation 내용 (파일 첨부)

<4> 다른 Cloudformation 파일 보기

<1> 요청 사항 - Pub 1 , Pri 1 , NAT 1개

필요 리소스

VPC 1개

Public Subnet 1개

Private Sunet 1개

NAT 1개

<2> Cloudformation 코드에 들어가야 하는것

pub관련 4개

PublicSubnet1

PublicRouteTable 테이블

PublicRoute 0.0.0.0

PublicSubnetRouteTableAssociation1

private 관련 - 3개

PrivateSubnet1

PrivateRouteTable: 테이블

PrivateSubnetRouteTableAssociation1:

공통

VPC

IGW

IGW Attatch

NAT gateway생성 - 3개

NatGateway

EIP

Route - nat관련 라우트 1개 추가

<3> Cloudformation 내용

설정 파일

AWSTemplateFormatVersion: 2010-09-09

Description: Deploy a VPC

Resources:

VPC:

Type: AWS::EC2::VPC

Properties:

CidrBlock: 10.0.0.0/16

EnableDnsHostnames: true

Tags:

- Key: Name

Value: Lab VPC

InternetGateway:

Type: AWS::EC2::InternetGateway

Properties:

Tags:

- Key: Name

Value: Lab Internet Gateway

AttachGateway:

Type: AWS::EC2::VPCGatewayAttachment

Properties:

VpcId: !Ref VPC

InternetGatewayId: !Ref InternetGateway

PublicSubnet1:

Type: AWS::EC2::Subnet

Properties:

VpcId: !Ref VPC

CidrBlock: 10.0.0.0/24

AvailabilityZone: !Select

- '0'

- !GetAZs ''

Tags:

- Key: Name

Value: Public Subnet 1

# 1

PrivateSubnet1:

Type: AWS::EC2::Subnet

Properties:

VpcId: !Ref VPC

CidrBlock: 10.0.1.0/24

AvailabilityZone: !Select

- '0'

- !GetAZs ''

Tags:

- Key: Name

Value: Private Subnet 1

PublicRouteTable:

Type: AWS::EC2::RouteTable

Properties:

VpcId: !Ref VPC

Tags:

- Key: Name

Value: Public Route Table

PublicRoute:

Type: AWS::EC2::Route

Properties:

RouteTableId: !Ref PublicRouteTable

DestinationCidrBlock: 0.0.0.0/0

GatewayId: !Ref InternetGateway

PublicSubnetRouteTableAssociation1:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

SubnetId: !Ref PublicSubnet1

RouteTableId: !Ref PublicRouteTable

# nat1

NATGW01:

Type: AWS::EC2::NatGateway

Properties:

AllocationId: !GetAtt EIP.AllocationId

SubnetId: !Ref PrivateSubnet1

# nat2

EIP:

DependsOn: AttachGateway

Type: AWS::EC2::EIP

Properties:

Domain: vpc

# 2

PrivateRouteTable:

Type: AWS::EC2::RouteTable

Properties:

VpcId: !Ref VPC

Tags:

- Key: Name

Value: Private Route Table

# nat 3

PrivateRoute:

Type: AWS::EC2::Route

Properties:

RouteTableId: !Ref PrivateRouteTable

DestinationCidrBlock: 0.0.0.0/0

NatGatewayId: !Ref NATGW01

# 3

PrivateSubnetRouteTableAssociation1:

Type: AWS::EC2::SubnetRouteTableAssociation

Properties:

SubnetId: !Ref PrivateSubnet1

RouteTableId: !Ref PrivateRouteTable

Outputs:

VPC:

Description: VPC

Value: !Ref VPC

AZ1:

Description: Availability Zone 1

Value: !GetAtt

- PublicSubnet1

- AvailabilityZone

41 vpc1-pub1-pri1-nat1.yaml

<4> 다른 Cloudformation 파일 보기

https://brunch.co.kr/@topasvga/1781

(몰아보기) CloudFormation