Add Subnets to Existing VPC
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This is my first cf template",
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "192.168.0.0/16",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ]
      }
    }
  }
}
- For every resource, we pass parameters as input and get return values as output.
- Let's add a subnet resource in one availability zone (AZ). Search for "aws cloudformation subnet" to find the resource documentation.
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This is my first cf template",
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "192.168.0.0/16",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ]
      }
    },
    "mysubnet1": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": "us-west-2a",
        "CidrBlock": "192.168.0.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ],
        "VpcId": ""
      }
    }
  }
}
- We can use the return values of the VPC resource to get the VPC ID. As per the documentation, to get the ID we need to use the Ref function. The syntax of Ref is:
{
  "Ref": "<name of the resource>"
}
- Let's apply this to our template:
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This is my first cf template",
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "192.168.0.0/16",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ]
      }
    },
    "mysubnet1": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": "us-west-2a",
        "CidrBlock": "192.168.0.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ],
        "VpcId": { "Ref": "myvpc" }
      }
    }
  }
}
- Add two more subnets in the same way, one in each of the other availability zones:
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This is my first cf template",
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "192.168.0.0/16",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ]
      }
    },
    "mysubnet1": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": "us-west-2a",
        "CidrBlock": "192.168.0.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ],
        "VpcId": { "Ref": "myvpc" }
      }
    },
    "mysubnet2": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": "us-west-2b",
        "CidrBlock": "192.168.1.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ],
        "VpcId": { "Ref": "myvpc" }
      }
    },
    "mysubnet3": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": "us-west-2c",
        "CidrBlock": "192.168.2.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From CF"
          }
        ],
        "VpcId": { "Ref": "myvpc" }
      }
    }
  }
}
Limitations of the above template
- This template can be reused by any AWS account, but only in the Oregon (us-west-2) region
Fix for limitation 1
- Use CloudFormation parameters, as shown here:
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "This is my first cf template",
  "Parameters": {
    "subnet1az": {
      "Description": "Enter subnet1 az",
      "Type": "String",
      "Default": "us-west-2a"
    },
    "subnet2az": {
      "Description": "Enter subnet2 az",
      "Type": "String",
      "Default": "us-west-2b"
    },
    "subnet3az": {
      "Description": "Enter subnet3 az",
      "Type": "String",
      "Default": "us-west-2c"
    }
  },
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "10.1.0.0/16",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From VsCode"
          }
        ]
      }
    },
    "mysubnet1": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "subnet1az"
        },
        "VpcId": {
          "Ref": "myvpc"
        },
        "CidrBlock": "10.1.0.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From VsCode"
          }
        ]
      }
    },
    "mysubnet2": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "subnet2az"
        },
        "VpcId": {
          "Ref": "myvpc"
        },
        "CidrBlock": "10.1.1.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From VsCode"
          }
        ]
      }
    },
    "mysubnet3": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": {
          "Ref": "subnet3az"
        },
        "VpcId": {
          "Ref": "myvpc"
        },
        "CidrBlock": "10.1.2.0/24",
        "Tags": [
          {
            "Key": "Name",
            "Value": "From VsCode"
          }
        ]
      }
    }
  }
}
Are there still some problems?
- How can we restrict what the user enters in the parameters?
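
One way to answer this question, as an added example that is not part of the original page: declaring the AZ parameter with the AWS-specific type AWS::EC2::AvailabilityZone::Name instead of String makes CloudFormation reject any value that is not an availability zone of the region the stack is created in, so the us-west-2 defaults are no longer needed. The subnet1cidr parameter and its pattern are assumptions added here to show AllowedPattern on free-form input; only one subnet is shown.

```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Added example (not from the original page): constrained parameters",
  "Parameters": {
    "subnet1az": {
      "Description": "AZ for subnet1; validated against the AZs of the stack's region",
      "Type": "AWS::EC2::AvailabilityZone::Name"
    },
    "subnet1cidr": {
      "Description": "Hypothetical parameter: a /24 inside the VPC range 10.1.0.0/16",
      "Type": "String",
      "Default": "10.1.0.0/24",
      "AllowedPattern": "^10\\.1\\.(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.0/24$",
      "ConstraintDescription": "must look like 10.1.X.0/24 with X from 0 to 255"
    }
  },
  "Resources": {
    "myvpc": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "10.1.0.0/16",
        "Tags": [ { "Key": "Name", "Value": "From VsCode" } ]
      }
    },
    "mysubnet1": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "AvailabilityZone": { "Ref": "subnet1az" },
        "VpcId": { "Ref": "myvpc" },
        "CidrBlock": { "Ref": "subnet1cidr" },
        "Tags": [ { "Key": "Name", "Value": "From VsCode" } ]
      }
    }
  }
}
```

For a fixed list of choices, AllowedValues on a String parameter restricts input in the same way.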