From c1b7615235d933fd88b333d9f675989bd454ffb2 Mon Sep 17 00:00:00 2001
From: saravanan30erd
Date: Mon, 9 Apr 2018 00:41:45 +0400
Subject: [PATCH] support for Nat Gateway per AZ
---
 vpc.template | 194 ++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 185 insertions(+), 9 deletions(-)
diff --git a/vpc.template b/vpc.template
index 8478594..35bb26c 100644
--- a/vpc.template
+++ b/vpc.template
@@ -128,7 +128,7 @@
 },
 "NATGatewayPerAZ": {
 "Default": "false",
- "Description": "Create separate NAT Gateway per Availability Zone.",
+ "Description": "Set to true will create separate NAT Gateway per Availability Zone.",
 "AllowedValues": [
 "true",
 "false"
@@ -144,6 +144,24 @@
 },
 "3"
 ]
+ },
+ "MultiNATGateway": {
+ "Fn::Equals": [
+ {
+ "Ref": "NATGatewayPerAZ"
+ },
+ "true"
+ ]
+ },
+ "MultiNATGateway&3AZCondition": {
+ "Fn::And": [
+ {
+ "Condition": "MultiNATGateway"
+ },
+ {
+ "Condition": "3AZCondition"
+ }
+ ]
 }
 },
 "Resources": {
@@ -368,7 +386,7 @@
 "MapPublicIpOnLaunch": true
 }
 },
- "PrivateSubnetRouteTable": {
+ "PrivateSubnet1RouteTable": {
 "Type": "AWS::EC2::RouteTable",
 "Properties": {
 "VpcId": {
@@ -377,7 +395,7 @@
 "Tags": [
 {
 "Key": "Name",
- "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "private-rt"] ] }
+ "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "private-rt-1"] ] }
 },
 {
 "Key": "Network",
@@ -386,11 +404,11 @@
 ]
 }
 },
- "PrivateSubnetRoute": {
+ "PrivateSubnet1Route": {
 "Type": "AWS::EC2::Route",
 "Properties": {
 "RouteTableId": {
- "Ref": "PrivateSubnetRouteTable"
+ "Ref": "PrivateSubnet1RouteTable"
 },
 "DestinationCidrBlock": "0.0.0.0/0",
 "NatGatewayId": {
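Review bot: The condition name `MultiNATGateway&3AZCondition` added in the Conditions hunk (`@@ -144,6 +144,24 @@`) contains `&`, while CloudFormation logical names are normally restricted to alphanumerics. I am not certain every validator or linter accepts this for condition names, so it is worth confirming with a template validation run before relying on it. A plain alphanumeric key such as `"MultiNATGatewayAnd3AZ": {` avoids the question and does not read like an operator. The same rename would then apply to each `"Condition":` reference in the later hunks.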
@@ -405,7 +423,39 @@
 "Ref": "PrivateSubnet1"
 },
 "RouteTableId": {
- "Ref": "PrivateSubnetRouteTable"
+ "Ref": "PrivateSubnet1RouteTable"
+ }
+ }
+ },
+ "PrivateSubnet2RouteTable": {
+ "Condition": "MultiNATGateway",
+ "Type": "AWS::EC2::RouteTable",
+ "Properties": {
+ "VpcId": {
+ "Ref": "VPC"
+ },
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "private-rt-2"] ] }
+ },
+ {
+ "Key": "Network",
+ "Value": "Private"
+ }
+ ]
+ }
+ },
+ "PrivateSubnet2Route": {
+ "Condition": "MultiNATGateway",
+ "Type": "AWS::EC2::Route",
+ "Properties": {
+ "RouteTableId": {
+ "Ref": "PrivateSubnet2RouteTable"
+ },
+ "DestinationCidrBlock": "0.0.0.0/0",
+ "NatGatewayId": {
+ "Ref": "NATGateway2"
 }
 }
 },
@@ -416,7 +466,47 @@
 "Ref": "PrivateSubnet2"
 },
 "RouteTableId": {
- "Ref": "PrivateSubnetRouteTable"
+ "Fn::If": [
+ "MultiNATGateway",
+ {
+ "Ref": "PrivateSubnet2RouteTable"
+ },
+ {
+ "Ref": "PrivateSubnet1RouteTable"
+ }
+ ]
+ }
+ }
+ },
+ "PrivateSubnet3RouteTable": {
+ "Condition": "MultiNATGateway&3AZCondition",
+ "Type": "AWS::EC2::RouteTable",
+ "Properties": {
+ "VpcId": {
+ "Ref": "VPC"
+ },
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "private-rt-3"] ] }
+ },
+ {
+ "Key": "Network",
+ "Value": "Private"
+ }
+ ]
+ }
+ },
+ "PrivateSubnet3Route": {
+ "Condition": "MultiNATGateway&3AZCondition",
+ "Type": "AWS::EC2::Route",
+ "Properties": {
+ "RouteTableId": {
+ "Ref": "PrivateSubnet3RouteTable"
+ },
+ "DestinationCidrBlock": "0.0.0.0/0",
+ "NatGatewayId": {
+ "Ref": "NATGateway3"
 }
 }
 },
@@ -428,7 +518,15 @@
 "Ref": "PrivateSubnet3"
 },
 "RouteTableId": {
- "Ref": "PrivateSubnetRouteTable"
+ "Fn::If": [
+ "MultiNATGateway",
+ {
+ "Ref": "PrivateSubnet3RouteTable"
+ },
+ {
+ "Ref": "PrivateSubnet1RouteTable"
+ }
+ ]
 }
 }
 },
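Review bot: In the last hunk here (`@@ -428,7 +518,15 @@`) the `Fn::If` tests `MultiNATGateway`, but `PrivateSubnet3RouteTable` is only created under `MultiNATGateway&3AZCondition`, as the previous hunk shows. The reference therefore resolves only if the enclosing association resource is itself gated on `3AZCondition`. That resource's header lies outside the hunk, so this cannot be confirmed from here. Testing the same condition that creates the table, `"MultiNATGateway&3AZCondition",` as the first `Fn::If` element, keeps the subnet on `PrivateSubnet1RouteTable` whenever the third table does not exist.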
@@ -516,7 +614,85 @@
 },
 "SubnetId": {
 "Ref": "PublicSubnet1"
- }
+ },
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "nat-gateway-1"] ] }
+ },
+ {
+ "Key": "Network",
+ "Value": "Private"
+ }
+ ]
+ }
+ },
+ "NATEIP2": {
+ "Condition": "MultiNATGateway",
+ "DependsOn": "VPCGatewayAttachment",
+ "Type": "AWS::EC2::EIP",
+ "Properties": {
+ "Domain": "vpc"
+ }
+ },
+ "NATGateway2": {
+ "Condition": "MultiNATGateway",
+ "DependsOn": "VPCGatewayAttachment",
+ "Type": "AWS::EC2::NatGateway",
+ "Properties": {
+ "AllocationId": {
+ "Fn::GetAtt": [
+ "NATEIP2",
+ "AllocationId"
+ ]
+ },
+ "SubnetId": {
+ "Ref": "PublicSubnet2"
+ },
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "nat-gateway-2"] ] }
+ },
+ {
+ "Key": "Network",
+ "Value": "Private"
+ }
+ ]
+ }
+ },
+ "NATEIP3": {
+ "Condition": "MultiNATGateway&3AZCondition",
+ "DependsOn": "VPCGatewayAttachment",
+ "Type": "AWS::EC2::EIP",
+ "Properties": {
+ "Domain": "vpc"
+ }
+ },
+ "NATGateway3": {
+ "Condition": "MultiNATGateway&3AZCondition",
+ "DependsOn": "VPCGatewayAttachment",
+ "Type": "AWS::EC2::NatGateway",
+ "Properties": {
+ "AllocationId": {
+ "Fn::GetAtt": [
+ "NATEIP3",
+ "AllocationId"
+ ]
+ },
+ "SubnetId": {
+ "Ref": "PublicSubnet3"
+ },
+ "Tags": [
+ {
+ "Key": "Name",
+ "Value": { "Fn::Join" : [ "-", [ { "Ref" : "AWS::StackName" }, "nat-gateway-3"] ] }
+ },
+ {
+ "Key": "Network",
+ "Value": "Private"
+ }
+ ]
 }
 }
 },
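Review bot: All three NAT gateways are tagged `"Network": "Private"`, although each is placed in a `PublicSubnet*` and bound to an Elastic IP. If that tag feeds inventory, audit queries or tag-based policy, the stack's internet-facing egress points will be reported as private resources. `"Value": "Public"` on the `Network` tag of `NATGateway1`, `NATGateway2` and `NATGateway3` would match where the gateways sit. The first resource in this hunk begins outside it, so its name is inferred from the `nat-gateway-1` tag.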