diff --git a/modules/installation-cloudformation-vpc-localzone.adoc b/modules/installation-cloudformation-vpc-localzone.adoc
index 97cc93331d00..82704dd6b71d 100644
--- a/modules/installation-cloudformation-vpc-localzone.adoc
+++ b/modules/installation-cloudformation-vpc-localzone.adoc
@@ -1,7 +1,7 @@
 // Module included in the following assemblies:
 //
 // * installing/installing-aws-localzone.adoc (Installing a cluster on AWS with compute nodes on AWS Local Zones)
-// * installing/installing-aws-wavelength-zone.adoc (Installing a cluster on AWS with compute nodes on AWS Wavelength Zones)
+// * installing/installing-aws-wavelength-zone.adoc (Installing a cluster on AWS with compute nodes on AWS Wavelength Zones)
 
 :_mod-docs-content-type: REFERENCE
 [id="installation-cloudformation-vpc-localzone_{context}"]
@@ -14,316 +14,6 @@ You can use the following CloudFormation template to deploy the VPC that you nee ==== [source,yaml] ---- -AWSTemplateFormatVersion: 2010-09-09 -Description: Template for Best Practice VPC with 1-3 AZs - -Parameters: - VpcCidr: - AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-4]))$ - ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-24. - Default: 10.0.0.0/16 - Description: CIDR block for VPC. - Type: String - AvailabilityZoneCount: - ConstraintDescription: "The number of availability zones. (Min: 1, Max: 3)" - MinValue: 1 - MaxValue: 3 - Default: 1 - Description: "How many AZs to create VPC subnets for. (Min: 1, Max: 3)" - Type: Number - SubnetBits: - ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/19-27. - MinValue: 5 - MaxValue: 13 - Default: 12 - Description: "Size of each subnet to create within the availability zones. (Min: 5 = /27, Max: 13 = /19)" - Type: Number - -Metadata: - AWS::CloudFormation::Interface: - ParameterGroups: - - Label: - default: "Network Configuration" - Parameters: - - VpcCidr - - SubnetBits - - Label: - default: "Availability Zones" - Parameters: - - AvailabilityZoneCount - ParameterLabels: - AvailabilityZoneCount: - default: "Availability Zone Count" - VpcCidr: - default: "VPC CIDR" - SubnetBits: - default: "Bits Per Subnet" - -Conditions: - DoAz3: !Equals [3, !Ref AvailabilityZoneCount] - DoAz2: !Or [!Equals [2, !Ref AvailabilityZoneCount], Condition: DoAz3] - -Resources: - VPC: - Type: "AWS::EC2::VPC" - Properties: - EnableDnsSupport: "true" - EnableDnsHostnames: "true" - CidrBlock: !Ref VpcCidr - PublicSubnet: - Type: "AWS::EC2::Subnet" - Properties: - VpcId: !Ref VPC - CidrBlock: !Select [0, !Cidr [!Ref VpcCidr, 6, !Ref SubnetBits]] - AvailabilityZone: !Select - - 0 - - Fn::GetAZs: !Ref "AWS::Region" - PublicSubnet2: - Type: "AWS::EC2::Subnet" - Condition: DoAz2 - Properties: - 
VpcId: !Ref VPC - CidrBlock: !Select [1, !Cidr [!Ref VpcCidr, 6, !Ref SubnetBits]] - AvailabilityZone: !Select - - 1 - - Fn::GetAZs: !Ref "AWS::Region" - PublicSubnet3: - Type: "AWS::EC2::Subnet" - Condition: DoAz3 - Properties: - VpcId: !Ref VPC - CidrBlock: !Select [2, !Cidr [!Ref VpcCidr, 6, !Ref SubnetBits]] - AvailabilityZone: !Select - - 2 - - Fn::GetAZs: !Ref "AWS::Region" - InternetGateway: - Type: "AWS::EC2::InternetGateway" - GatewayToInternet: - Type: "AWS::EC2::VPCGatewayAttachment" - Properties: - VpcId: !Ref VPC - InternetGatewayId: !Ref InternetGateway - PublicRouteTable: - Type: "AWS::EC2::RouteTable" - Properties: - VpcId: !Ref VPC - PublicRoute: - Type: "AWS::EC2::Route" - DependsOn: GatewayToInternet - Properties: - RouteTableId: !Ref PublicRouteTable - DestinationCidrBlock: 0.0.0.0/0 - GatewayId: !Ref InternetGateway - PublicSubnetRouteTableAssociation: - Type: "AWS::EC2::SubnetRouteTableAssociation" - Properties: - SubnetId: !Ref PublicSubnet - RouteTableId: !Ref PublicRouteTable - PublicSubnetRouteTableAssociation2: - Type: "AWS::EC2::SubnetRouteTableAssociation" - Condition: DoAz2 - Properties: - SubnetId: !Ref PublicSubnet2 - RouteTableId: !Ref PublicRouteTable - PublicSubnetRouteTableAssociation3: - Condition: DoAz3 - Type: "AWS::EC2::SubnetRouteTableAssociation" - Properties: - SubnetId: !Ref PublicSubnet3 - RouteTableId: !Ref PublicRouteTable - PrivateSubnet: - Type: "AWS::EC2::Subnet" - Properties: - VpcId: !Ref VPC - CidrBlock: !Select [3, !Cidr [!Ref VpcCidr, 6, !Ref SubnetBits]] - AvailabilityZone: !Select - - 0 - - Fn::GetAZs: !Ref "AWS::Region" - PrivateRouteTable: - Type: "AWS::EC2::RouteTable" - Properties: - VpcId: !Ref VPC - PrivateSubnetRouteTableAssociation: - Type: "AWS::EC2::SubnetRouteTableAssociation" - Properties: - SubnetId: !Ref PrivateSubnet - RouteTableId: !Ref PrivateRouteTable - NAT: - DependsOn: - - GatewayToInternet - Type: "AWS::EC2::NatGateway" - Properties: - AllocationId: - "Fn::GetAtt": - - EIP - - 
AllocationId - SubnetId: !Ref PublicSubnet - EIP: - Type: "AWS::EC2::EIP" - Properties: - Domain: vpc - Route: - Type: "AWS::EC2::Route" - Properties: - RouteTableId: - Ref: PrivateRouteTable - DestinationCidrBlock: 0.0.0.0/0 - NatGatewayId: - Ref: NAT - PrivateSubnet2: - Type: "AWS::EC2::Subnet" - Condition: DoAz2 - Properties: - VpcId: !Ref VPC - CidrBlock: !Select [4, !Cidr [!Ref VpcCidr, 6, !Ref SubnetBits]] - AvailabilityZone: !Select - - 1 - - Fn::GetAZs: !Ref "AWS::Region" - PrivateRouteTable2: - Type: "AWS::EC2::RouteTable" - Condition: DoAz2 - Properties: - VpcId: !Ref VPC - PrivateSubnetRouteTableAssociation2: - Type: "AWS::EC2::SubnetRouteTableAssociation" - Condition: DoAz2 - Properties: - SubnetId: !Ref PrivateSubnet2 - RouteTableId: !Ref PrivateRouteTable2 - NAT2: - DependsOn: - - GatewayToInternet - Type: "AWS::EC2::NatGateway" - Condition: DoAz2 - Properties: - AllocationId: - "Fn::GetAtt": - - EIP2 - - AllocationId - SubnetId: !Ref PublicSubnet2 - EIP2: - Type: "AWS::EC2::EIP" - Condition: DoAz2 - Properties: - Domain: vpc - Route2: - Type: "AWS::EC2::Route" - Condition: DoAz2 - Properties: - RouteTableId: - Ref: PrivateRouteTable2 - DestinationCidrBlock: 0.0.0.0/0 - NatGatewayId: - Ref: NAT2 - PrivateSubnet3: - Type: "AWS::EC2::Subnet" - Condition: DoAz3 - Properties: - VpcId: !Ref VPC - CidrBlock: !Select [5, !Cidr [!Ref VpcCidr, 6, !Ref SubnetBits]] - AvailabilityZone: !Select - - 2 - - Fn::GetAZs: !Ref "AWS::Region" - PrivateRouteTable3: - Type: "AWS::EC2::RouteTable" - Condition: DoAz3 - Properties: - VpcId: !Ref VPC - PrivateSubnetRouteTableAssociation3: - Type: "AWS::EC2::SubnetRouteTableAssociation" - Condition: DoAz3 - Properties: - SubnetId: !Ref PrivateSubnet3 - RouteTableId: !Ref PrivateRouteTable3 - NAT3: - DependsOn: - - GatewayToInternet - Type: "AWS::EC2::NatGateway" - Condition: DoAz3 - Properties: - AllocationId: - "Fn::GetAtt": - - EIP3 - - AllocationId - SubnetId: !Ref PublicSubnet3 - EIP3: - Type: "AWS::EC2::EIP" - Condition: 
DoAz3 - Properties: - Domain: vpc - Route3: - Type: "AWS::EC2::Route" - Condition: DoAz3 - Properties: - RouteTableId: - Ref: PrivateRouteTable3 - DestinationCidrBlock: 0.0.0.0/0 - NatGatewayId: - Ref: NAT3 - S3Endpoint: - Type: AWS::EC2::VPCEndpoint - Properties: - PolicyDocument: - Version: 2012-10-17 - Statement: - - Effect: Allow - Principal: '*' - Action: - - '*' - Resource: - - '*' - RouteTableIds: - - !Ref PublicRouteTable - - !Ref PrivateRouteTable - - !If [DoAz2, !Ref PrivateRouteTable2, !Ref "AWS::NoValue"] - - !If [DoAz3, !Ref PrivateRouteTable3, !Ref "AWS::NoValue"] - ServiceName: !Join - - '' - - - com.amazonaws. - - !Ref 'AWS::Region' - - .s3 - VpcId: !Ref VPC - -Outputs: - VpcId: - Description: ID of the new VPC. - Value: !Ref VPC - PublicSubnetIds: - Description: Subnet IDs of the public subnets. - Value: - !Join [ - ",", - [!Ref PublicSubnet, !If [DoAz2, !Ref PublicSubnet2, !Ref "AWS::NoValue"], !If [DoAz3, !Ref PublicSubnet3, !Ref "AWS::NoValue"]] - ] - PrivateSubnetIds: - Description: Subnet IDs of the private subnets. - Value: - !Join [ - ",", - [!Ref PrivateSubnet, !If [DoAz2, !Ref PrivateSubnet2, !Ref "AWS::NoValue"], !If [DoAz3, !Ref PrivateSubnet3, !Ref "AWS::NoValue"]] - ] - PublicRouteTableId: - Description: Public Route table ID - Value: !Ref PublicRouteTable - PrivateRouteTableIds: - Description: Private Route table IDs - Value: - !Join [ - ",", - [ - !Join ["=", [ - !Select [0, "Fn::GetAZs": !Ref "AWS::Region"], - !Ref PrivateRouteTable - ]], - !If [DoAz2, - !Join ["=", [!Select [1, "Fn::GetAZs": !Ref "AWS::Region"], !Ref PrivateRouteTable2]], - !Ref "AWS::NoValue" - ], - !If [DoAz3, - !Join ["=", [!Select [2, "Fn::GetAZs": !Ref "AWS::Region"], !Ref PrivateRouteTable3]], - !Ref "AWS::NoValue" - ] - ] - ] +include::https://raw.githubusercontent.com/openshift/installer/master/upi/aws/cloudformation/01_vpc.yaml[] ---- ====
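Review bot: The added `include::https://raw.githubusercontent.com/openshift/installer/master/upi/aws/cloudformation/01_vpc.yaml[]` line fetches the template from the mutable `master` branch at build time, so the YAML that readers copy into CloudFormation is no longer reviewed in this repository and can change without a docs commit. Pinning the ref to the release branch or commit that matches the documented version would keep the published template reproducible and auditable, for example `include::https://raw.githubusercontent.com/openshift/installer/<release-branch-or-commit>/upi/aws/cloudformation/01_vpc.yaml[]` (placeholder ref). Remote includes also only resolve when the Asciidoctor build enables `allow-uri-read`; without it the listing is presumably rendered as a bare link instead of the template, so the built page should be checked. The network and IAM-relevant settings that were visible in the removed inline copy now need to be reviewed in the upstream file instead.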