iaun
/
xdc20201211


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494
							AWSTemplateFormatVersion: 2010-09-09
Resources:
  vpc1:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: !Ref vpccidr
      EnableDnsHostnames: 'true'
      EnableDnsSupport: 'true'
      Tags:
        - Key: Name
          Value: vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 36050a81-2f2b-4482-9d6a-763dbad1b527
  pubnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      AvailabilityZone: !Select 
        - '0'
        - !GetAZs ''
      CidrBlock: !Ref pubnet1cidr
      Tags:
        - Key: Name
          Value: pubnet1
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: d00fad60-d71a-4bfc-988a-65236dea5a6f
  pubnet2:
    Type: 'AWS::EC2::Subnet'
    Properties:
      AvailabilityZone: !Select 
        - '1'
        - !GetAZs ''
      CidrBlock: !Ref pubnet2cidr
      Tags:
        - Key: Name
          Value: pubnet2
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: dbc87cce-6f33-46fb-8684-24fc5008ad91
  webnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      AvailabilityZone: !Select 
        - '0'
        - !GetAZs ''
      CidrBlock: !Ref webnet1cidr
      Tags:
        - Key: Name
          Value: webnet1
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 30f1713d-c319-4dcb-8730-c4baf0cb207a
  webnet2:
    Type: 'AWS::EC2::Subnet'
    Properties:
      AvailabilityZone: !Select 
        - '1'
        - !GetAZs ''
      CidrBlock: !Ref webnet2cidr
      Tags:
        - Key: Name
          Value: webnet2
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: bd5423c4-721b-4194-a7ba-b8d4b437683a
  dbnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      AvailabilityZone: !Select 
        - '0'
        - !GetAZs ''
      CidrBlock: !Ref dbnet1cidr
      Tags:
        - Key: Name
          Value: dbnet1
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: d721de76-5cf2-416c-985d-2bd9d10d4c3c
  dbnet2:
    Type: 'AWS::EC2::Subnet'
    Properties:
      AvailabilityZone: !Select 
        - '1'
        - !GetAZs ''
      CidrBlock: !Ref dbnet2cidr
      Tags:
        - Key: Name
          Value: dbnet2
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: d3655dff-3e6c-4e71-b429-782c249ead24
  table1:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      Tags:
        - Key: Name
          Value: table1
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 5a28c477-28f7-4f63-96e4-eba4f2af91c8
  table2:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      Tags:
        - Key: Name
          Value: table2
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: e7cb3a54-60cc-4806-b6c5-51dd541555b2
  table3:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      Tags:
        - Key: Name
          Value: table3
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: b031b8a3-c571-4e9b-967f-e777ca927d08
  igw1:
    Type: 'AWS::EC2::InternetGateway'
    Properties: {}
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 4f2d896c-333a-4e40-acf1-a4d29c7f1e04
  EC2VPCG2BPGG:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      InternetGatewayId: !Ref igw1
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 544c5488-107f-4d4f-99d7-f22003afd889
  natgateway1:
    Type: 'AWS::EC2::NatGateway'
    Properties:
      AllocationId: !GetAtt 
        - eip1
        - AllocationId
      SubnetId: !Ref pubnet1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: df5bea53-45ac-47d0-ae9e-32e7d54a37a5
  natgateway2:
    Type: 'AWS::EC2::NatGateway'
    Properties:
      AllocationId: !GetAtt 
        - eip2
        - AllocationId
      SubnetId: !Ref pubnet2
    Metadata:
      'AWS::CloudFormation::Designer':
        id: b8570bf1-7fe5-4d58-8fb9-83e3660f2170
  eip1:
    Type: 'AWS::EC2::EIP'
    Properties: {}
    Metadata:
      'AWS::CloudFormation::Designer':
        id: d77dbe47-fc90-4338-8ff2-af4000405dde
  eip2:
    Type: 'AWS::EC2::EIP'
    Properties: {}
    Metadata:
      'AWS::CloudFormation::Designer':
        id: e8777cd9-8375-401a-ad6f-52051c09dc89
  EC2SRTA51E2B:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref pubnet1
      RouteTableId: !Ref table1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 72574f43-a5f8-4c3b-bcf7-f8b199887e9c
  EC2SRTA2YHOD:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref pubnet2
      RouteTableId: !Ref table1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: f7e5fe7c-a1c1-48e0-8743-daa1f0e3fb06
  EC2SRTA2VWB8:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref table2
      SubnetId: !Ref webnet1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 5b9f52cd-7dd4-4a0e-88d2-ebd48368e2a4
  EC2SRTA26CTN:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref dbnet1
      RouteTableId: !Ref table2
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 3cedd898-d918-44c1-938d-cfc6512301ea
  EC2SRTAH6LA:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref webnet2
      RouteTableId: !Ref table3
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 91524a30-078a-41c2-a34e-0f16b37b3691
  EC2SRTA1VSM:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref dbnet2
      RouteTableId: !Ref table3
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 1220e1c3-e8c3-4f7a-998d-e60203564b8d
  route1:
    Type: 'AWS::EC2::Route'
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref igw1
      RouteTableId: !Ref table1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: d037ea69-ec83-4c36-92f7-12c199349fd9
  route2:
    Type: 'AWS::EC2::Route'
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref natgateway1
      RouteTableId: !Ref table2
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 64d213ca-d8f7-45f3-a53b-6001ad55ba0a
  route3:
    Type: 'AWS::EC2::Route'
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref natgateway2
      RouteTableId: !Ref table3
    Metadata:
      'AWS::CloudFormation::Designer':
        id: c5cec4ea-e367-424f-9e78-92220722b760
  elbgroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: sg_elb
      GroupName: sg_elb
      Tags:
        - Key: Name
          Value: sg_elb
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 41ff46eb-edb8-456f-9183-4d7eea31e49a
  webgroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: !Ref sgName
      GroupName: !Ref sgName
      Tags:
        - Key: Name
          Value: !Ref sgName
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 7777
          ToPort: 7777
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 3d3c83e4-c428-4628-a0e2-d4415ec6cfd6
  dbgroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: dbgroup
      GroupName: elasticache_memcache
      Tags:
        - Key: Name
          Value: elasticache_memcache
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: !Ref cacheport
          ToPort: !Ref cacheport
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '2049'
          ToPort: '2049'
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '5432'
          ToPort: '5432'
          IpProtocol: tcp
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 6efe5731-b5ea-4e23-9b48-1353eaea32a1
  redissg:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: redissg
      GroupName: elasticache_redis
      Tags:
        - Key: Name
          Value: elasticache_redis
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '6379'
          ToPort: '6379'
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '2049'
          ToPort: '2049'
          IpProtocol: tcp
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: e2fe8abf-7e4a-472a-88e6-52c5b75b9924
  efssg:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: sgefs
      GroupName: sg_efs
      Tags:
        - Key: Name
          Value: sg_efs
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '2049'
          ToPort: '2049'
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref lambdasg
          FromPort: '2049'
          ToPort: '2049'
          IpProtocol: tcp
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: a2a71bad-d448-4630-ae7a-ac51d0366306
  cachegroup:
    Type: 'AWS::ElastiCache::SubnetGroup'
    Properties:
      CacheSubnetGroupName: cachegroup
      Description: cachegroup
      SubnetIds:
        - !Ref dbnet1
        - !Ref dbnet2
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 4c252f4a-8901-40df-b0a2-386cee29c258
  rdsgroup:
    Type: 'AWS::RDS::DBSubnetGroup'
    Properties:
      DBSubnetGroupDescription: rdsgroup
      DBSubnetGroupName: rdsgroup
      Tags:
        - Key: Name
          Value: rdsgroup
      SubnetIds:
        - !Ref dbnet1
        - !Ref dbnet2
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 00338a06-280d-4c12-9255-b77136a19138
  rdssg:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: sg_rds
      GroupName: sg_rds
      Tags:
        - Key: Name
          Value: sg_rds
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '3306'
          ToPort: '3306'
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref webgroup
          FromPort: '5432'
          ToPort: '5432'
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref lambdasg
          FromPort: '5432'
          ToPort: '5432'
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref lambdasg
          FromPort: '3306'
          ToPort: '3306'
          IpProtocol: tcp
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 6efe5731-b5ea-4e23-9b48-1353eaea32a1
  lambdasg:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: sg_lambda
      GroupName: sg_lambda
      Tags:
        - Key: Name
          Value: sg_lambda
      SecurityGroupEgress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: '-1'
      VpcId: !Ref vpc1
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 6efe5731-b5ea-4e23-9b48-1353eaea32a1
Parameters:
  vpccidr:
    Type: String
    Default: 192.168.0.0/16
  pubnet1cidr:
    Type: String
    Default: 192.168.1.0/24
  pubnet2cidr:
    Type: String
    Default: 192.168.2.0/24
  webnet1cidr:
    Type: String
    Default: 192.168.3.0/24
  webnet2cidr:
    Type: String
    Default: 192.168.4.0/24
  dbnet1cidr:
    Type: String
    Default: 192.168.5.0/24
  dbnet2cidr:
    Type: String
    Default: 192.168.6.0/24
  cacheport:
    Type: String
    Default: '11211'
  sgName:
    Type: String
    Default: sg_ai
Outputs:
  PUBnet1id:
    Value: !Ref pubnet1
  PUBnet2id:
    Value: !Ref pubnet2
  WEBbnet1id:
    Value: !Ref webnet1
  WEBnet2id:
    Value: !Ref webnet2
  DBnet1id:
    Value: !Ref dbnet1
  DBnet2id:
    Value: !Ref dbnet2
  Vpcid:
    Value: !Ref vpc1
  ELBsg:
    Value: !Ref elbgroup
  ServerSG:
    Value: !Ref webgroup
  MemSg:
    Value: !Ref dbgroup
  EFSsg:
    Value: !Ref efssg
  RedisSg:
    Value: !Ref redissg