@tmclaugh
Last active July 21, 2017 03:02

Revisions

  1. tmclaugh revised this gist Jul 21, 2017. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion gistfile1.txt
    @@ -1,4 +1,4 @@
    c:
    vpc:
    Type: AWS::EC2::VPC
    Properties:
    CidrBlock: "10.0.0.0/16"
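Review bot: the resource key at the top of this hunk has to stay `vpc`, because the subnets and the security group look it up with `Ref: vpc`, which the earlier `c:` key did not satisfy. A one-line comment above the key noting that other resources reference it by this name would guard against another accidental rename.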
  2. tmclaugh created this gist Jul 21, 2017.
    72 changes: 72 additions & 0 deletions gistfile1.txt
    @@ -0,0 +1,72 @@
    c:
    Type: AWS::EC2::VPC
    Properties:
    CidrBlock: "10.0.0.0/16"
    EnableDnsSupport: false
    EnableDnsHostnames: false
    Tags:
    - Key: Name
    Value: ${self:service}-${self:provider.stage}
    # This doesn't work for all regions but handles the vast majority. I hope
    # when this actually becomes a problem for their to be a better solution.
    vpcSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
    AvailabilityZone:
    Fn::Select:
    - 0
    - Fn::GetAZs: ""
    CidrBlock: 10.0.0.0/20
    VpcId:
    Ref: vpc
    vpcSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
    AvailabilityZone:
    Fn::Select:
    - 1
    - Fn::GetAZs: ""
    CidrBlock: 10.0.16.0/20
    VpcId:
    Ref: vpc
    vpcSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
    AvailabilityZone:
    Fn::Select:
    - 2
    - Fn::GetAZs: ""
    CidrBlock: 10.0.32.0/20
    VpcId:
    Ref: vpc

    securityGroupDefault:
    Type: AWS::EC2::SecurityGroup
    Properties:
    GroupDescription: ${self:service}-${self:provider.stage}
    Tags:
    - Key: Name
    Value: ${self:service}-${self:provider.stage}
    VpcId:
    Ref: vpc
    # This will override the default SG so we can control rules using
    # AWS::EC2::SecurityGroup{Ingress,Egress} resources.
    SecurityGroupEgress:
    - IpProtocol: -1
    CidrIp: 127.0.0.1/32
    securityGroupEgressDefault:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
    GroupId:
    Ref: securityGroupDefault
    IpProtocol: -1
    DestinationSecurityGroupId:
    Ref: securityGroupDefault
    securityGroupIngressDefault:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
    GroupId:
    Ref: securityGroupDefault
    IpProtocol: -1
    SourceSecurityGroupId:
    Ref: securityGroupDefault
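Review bot: the comment above `SecurityGroupEgress` in `securityGroupDefault` says the rule will "override the default SG", but what the `127.0.0.1/32` entry actually displaces is the allow-all egress rule a new VPC security group otherwise gets. Reword the comment to say so, and mark the entry as an intentional placeholder so it is not later removed as dead configuration. Separately, `securityGroupEgressDefault` and `securityGroupIngressDefault` both use `IpProtocol: -1` against the group itself, which opens every protocol and port between members; if the service's ports are known, narrow these two rules to them.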