AWS Classroom Series – 12/Feb/2020

Solution to Exercise 3

{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Description": "Exercise-3",
    "Resources": {
        
        "myqtstorage": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "AccessControl": "PublicRead",
                "BucketName": "qts3fromclidemo1"
            }
        },
        
        "myvpc": {
          "Type": "AWS::EC2::VPC",
          "Properties": {
            "CidrBlock": "192.168.0.0/16",
            "Tags": [{
                "Key": "Name",
                "Value": "myvpc"
            }]
          }
        }
        
    }
}

Exercise 4: Add 4 subnets to the VPC

  • To add a subnet we need the VPC id.
  • Hard-coding the VPC id would not give reusability.
  • Now let's look for a better approach. Navigate to the AWS VPC CloudFormation definition from here.
  • In this section, we have two functions:
    • Ref => gives the VPC id
    • Fn::GetAtt => gives other VPC information
  • Let's look at how to use Ref from here:
{ "Ref" : "logicalName" }
  • Now, if you apply this to our template, it would look like this:
{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Description": "Exercise-3",
    "Resources": {
        "myqtstorage": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "AccessControl": "PublicRead",
                "BucketName": "qts3fromclidemo1"
            }
        },
        "myvpc": {
            "Type": "AWS::EC2::VPC",
            "Properties": {
                "CidrBlock": "192.168.0.0/16",
                "Tags": [
                    {
                        "Key": "Name",
                        "Value": "myvpc"
                    }
                ]
            }
        },
        "websubnet": {
            "Type": "AWS::EC2::Subnet",
            "Properties": {
                "AvailabilityZone": "us-west-2a",
                "VpcId": {
                    "Ref": "myvpc"
                },
                "CidrBlock": "192.168.0.0/24",
                "Tags": [
                    {
                        "Key": "Name",
                        "Value": "web"
                    }
                ]
            }
        },
        "dbsubnet": {
            "Type": "AWS::EC2::Subnet",
            "Properties": {
                "AvailabilityZone": "us-west-2b",
                "VpcId": {
                    "Ref": "myvpc"
                },
                "CidrBlock": "192.168.1.0/24",
                "Tags": [
                    {
                        "Key": "Name",
                        "Value": "db"
                    }
                ]
            }
        }
    }
}
  • If you look at this template it looks clean, but it still has some problems:
    • The name of the VPC is hard-coded.
    • It will always create the VPC in Oregon, because the availability zones are hard-coded as us-west-2a and us-west-2b.

Exercise 5: Make this template ask the user for input to select the CIDR of the VPC and subnets and the availability zones.

  • If you want the user to enter the data, we need to use parameters.
  • Refer here for the official docs.
  • Adding parameters to the existing template gives the template shown below:
{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Description": "Exercise-5",
    "Parameters": {
        "vpccidr": {
            "Description": "CIDR Range of VPC",
            "Type": "String",
            "Default": "192.168.0.0/16"
        },
        "websubnetcidr": {
            "Description": "CIDR Range of Web Subnet",
            "Type": "String",
            "Default": "192.168.0.0/24"
        },
        "dbsubnetcidr": {
            "Description": "CIDR Range of db Subnet",
            "Type": "String",
            "Default": "192.168.1.0/24"
        },
        "websubnetaz": {
            "Description": "AZ for web subnet",
            "Type": "AWS::EC2::AvailabilityZone::Name"
        },
        "dbsubnetaz": {
            "Description": "AZ for db subnet",
            "Type": "AWS::EC2::AvailabilityZone::Name"
        },
        "storagebucketname": {
            "Description": "Storage Bucket name",
            "Type": "String",
            "Default": "qts3fromclidemo1"
        }
    },
    "Resources": {
        "myqtstorage": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "AccessControl": "PublicRead",
                "BucketName": {
                    "Ref": "storagebucketname"
                }
            }
        },
        "myvpc": {
            "Type": "AWS::EC2::VPC",
            "Properties": {
                "CidrBlock": {
                    "Ref": "vpccidr"
                },
                "Tags": [
                    {
                        "Key": "Name",
                        "Value": "myvpc"
                    }
                ]
            }
        },
        "websubnet": {
            "Type": "AWS::EC2::Subnet",
            "Properties": {
                "AvailabilityZone": {
                    "Ref": "websubnetaz"
                },
                "VpcId": {
                    "Ref": "myvpc"
                },
                "CidrBlock": {
                    "Ref": "websubnetcidr"
                },
                "Tags": [
                    {
                        "Key": "Name",
                        "Value": "web"
                    }
                ]
            }
        },
        "dbsubnet": {
            "Type": "AWS::EC2::Subnet",
            "Properties": {
                "AvailabilityZone": {
                    "Ref": "dbsubnetaz"
                },
                "VpcId": {
                    "Ref": "myvpc"
                },
                "CidrBlock": {
                    "Ref": "dbsubnetcidr"
                },
                "Tags": [
                    {
                        "Key": "Name",
                        "Value": "db"
                    }
                ]
            }
        }
    }
}
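The Ref lookups from Exercise 4 and the parameters from Exercise 5 can be checked before a stack is ever created. The script below is an added example, not part of the classroom material: it resolves each Ref to a Parameter default, verifies that every subnet's VpcId is a Ref to a VPC in the same template (the hard-coding problem discussed above), checks that each subnet CIDR lies inside its VPC's CIDR, and flags the bucket's PublicRead ACL, which makes every object readable by anyone. The embedded template is a constructed, trimmed copy of Exercise 5 with one deliberate mistake (the db subnet default is outside the VPC range).

```python
import ipaddress
import json
# Constructed sample, not the blog's file: Exercise-5 trimmed to what the checks
# need, with one deliberate mistake: dbsubnetcidr's default lies outside the VPC.
TEMPLATE = json.loads("""{
  "Parameters": {
    "vpccidr":       {"Type": "String", "Default": "192.168.0.0/16"},
    "websubnetcidr": {"Type": "String", "Default": "192.168.0.0/24"},
    "dbsubnetcidr":  {"Type": "String", "Default": "10.0.1.0/24"}
  },
  "Resources": {
    "myqtstorage": {"Type": "AWS::S3::Bucket",
                    "Properties": {"AccessControl": "PublicRead"}},
    "myvpc":     {"Type": "AWS::EC2::VPC",
                  "Properties": {"CidrBlock": {"Ref": "vpccidr"}}},
    "websubnet": {"Type": "AWS::EC2::Subnet",
                  "Properties": {"VpcId": {"Ref": "myvpc"},
                                 "CidrBlock": {"Ref": "websubnetcidr"}}},
    "dbsubnet":  {"Type": "AWS::EC2::Subnet",
                  "Properties": {"VpcId": {"Ref": "myvpc"},
                                 "CidrBlock": {"Ref": "dbsubnetcidr"}}}
  }
}""")

def resolve(value, template):
    # Ref to a Parameter -> its Default (known before deploy); Ref to a Resource -> its physical id, only known after creation, so None here
    if isinstance(value, dict) and "Ref" in value:
        return template.get("Parameters", {}).get(value["Ref"], {}).get("Default")
    return value

def lint(template):
    # Returns one string per finding; an empty list means all checks passed.
    findings, resources = [], template["Resources"]
    for name, res in resources.items():
        props = res.get("Properties", {})
        if res["Type"] == "AWS::EC2::Subnet":
            vpc_id = props.get("VpcId")
            vpc = resources.get(vpc_id.get("Ref")) if isinstance(vpc_id, dict) else None
            if vpc is None or vpc["Type"] != "AWS::EC2::VPC":
                findings.append(f"{name}: VpcId {vpc_id!r} is not a Ref to a VPC in this template")
                continue
            sub = resolve(props.get("CidrBlock"), template)
            net = resolve(vpc["Properties"].get("CidrBlock"), template)
            if sub is None or net is None:
                findings.append(f"{name}: CIDR not known statically, check at deploy time")
            elif not ipaddress.ip_network(sub).subnet_of(ipaddress.ip_network(net)):
                findings.append(f"{name}: {sub} is outside {vpc_id['Ref']} {net}")
        if res["Type"] == "AWS::S3::Bucket" and props.get("AccessControl") == "PublicRead":
            findings.append(f"{name}: AccessControl PublicRead makes objects world-readable")
    return findings
```

Run `lint(json.load(open("template.json")))` against your own file; the Oregon problem from Exercise 4 is solved by the AZ parameters, and this check catches the CIDR and VpcId mistakes that CloudFormation would otherwise only report mid-deployment.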
