Build a VPC with CloudFormation
Pre-requisite: AWS
AWS, or Amazon Web Services, Inc., is a subsidiary of Amazon that offers on-demand cloud computing platforms and APIs to individuals, companies, and governments. CloudFormation is one of the services provided by AWS; it lets customers model and set up their AWS resources so that they spend less time managing those resources and more time on the applications that run in AWS.
Basically, CloudFormation is a way to provision AWS infrastructure through code. It lets the user quickly and consistently provision a group of related AWS and third-party resources, and it offers a way to manage those resources throughout their lifecycle. In this article, we discuss a basic method of building a VPC with AWS CloudFormation.
Build a VPC with CloudFormation
CloudFormation is a tool that helps the user create and manage AWS resources easily; all AWS resources can be managed from a text file. CloudFormation lets the user model the infrastructure and applications without performing the actions manually: the infrastructure is described in a text file, called a template. A CloudFormation template is a formatted text file in JSON or YAML that describes the AWS infrastructure.
Getting started with the AWS
Step 1: The first step is to log in to the AWS account. For this purpose, use the link given here to go to the AWS login page. After clicking the link, a web page like the one in the image below appears:
Step 2: Fill in the required details to log in. Once logged in, the main console window appears, as shown in the image below:
Step 3: Before proceeding further, we need a template that will be used to create the VPC. For this, we can use the example template given below. Copy the following code and save it on the local machine.
# Two public and two private subnets across two Availability Zones, with an
# internet gateway and a default route for the public subnets only.
Description: >-
  This template creates a VPC with two public and two private subnets, spread
  across two Availability Zones. It builds an internet gateway with a default
  route on the public subnets.

Parameters:
  EnvironmentName:
    Description: An environment name that is prefixed to resource names
    Type: String

  VpcCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: 10.8.0.0/16

  PublicSubnet1CIDR:
    Description: Please enter the IP range for the public subnet in the first Availability Zone
    Type: String
    Default: 10.8.10.0/24

  PublicSubnet2CIDR:
    Description: Please enter the IP range for the public subnet in the second Availability Zone
    Type: String
    Default: 10.8.11.0/24

  PrivateSubnet1CIDR:
    Description: Please enter the IP range for the private subnet in the first Availability Zone
    Type: String
    Default: 10.8.21.0/24

  PrivateSubnet2CIDR:
    Description: Please enter the IP range for the private subnet in the second Availability Zone
    Type: String
    # Must differ from PrivateSubnet1CIDR: two subnets with the same CIDR make stack creation fail
    Default: 10.8.22.0/24

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Ref EnvironmentName

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Ref EnvironmentName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  # Public subnets auto-assign public IPs; private subnets do not.
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Ref PublicSubnet1CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Subnet (AZ1)

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs '' ]
      CidrBlock: !Ref PublicSubnet2CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Subnet (AZ2)

  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Ref PrivateSubnet1CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Private Subnet (AZ1)

  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs '' ]
      CidrBlock: !Ref PrivateSubnet2CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Private Subnet (AZ2)

  # Only the public route table gets a 0.0.0.0/0 route to the internet gateway.
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Public Routes

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2

  PrivateRouteTable1:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Private Routes (AZ1)

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable1
      SubnetId: !Ref PrivateSubnet1

  PrivateRouteTable2:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${EnvironmentName} Private Routes (AZ2)

  PrivateSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable2
      SubnetId: !Ref PrivateSubnet2

  # A security group with no ingress rules: a safe default to attach to instances.
  NoIngressSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: "no-ingress-sg"
      GroupDescription: "Security group with no ingress rule"
      VpcId: !Ref VPC

Outputs:
  VPC:
    Description: A reference to the created VPC
    Value: !Ref VPC

  PublicSubnets:
    Description: A list of the public subnets
    Value: !Join [ ",", [ !Ref PublicSubnet1, !Ref PublicSubnet2 ] ]

  PrivateSubnets:
    Description: A list of the private subnets
    Value: !Join [ ",", [ !Ref PrivateSubnet1, !Ref PrivateSubnet2 ] ]

  PublicSubnet1:
    Description: A reference to the public subnet in the 1st Availability Zone
    Value: !Ref PublicSubnet1

  PublicSubnet2:
    Description: A reference to the public subnet in the 2nd Availability Zone
    Value: !Ref PublicSubnet2

  PrivateSubnet1:
    Description: A reference to the private subnet in the 1st Availability Zone
    Value: !Ref PrivateSubnet1

  PrivateSubnet2:
    Description: A reference to the private subnet in the 2nd Availability Zone
    Value: !Ref PrivateSubnet2

  NoIngressSecurityGroup:
    Description: Security group with no ingress rule
    Value: !Ref NoIngressSecurityGroup
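Before uploading a template like the one above, it pays to check its address plan offline: subnets that overlap or fall outside the VPC CIDR only fail once the stack is half-built, and a private subnet that auto-assigns public IPs is silently exposed. The following Python script is an added example (not code from the article); it works on a constructed, trimmed-down copy of the template already parsed into Python, where {"Ref": x} stands for !Ref x, and its private subnet defaults are set to overlap on purpose so the check has something to find.

```python
import ipaddress

def subnet(cidr_param, public):
    # Build an AWS::EC2::Subnet resource whose CidrBlock refers to a parameter.
    return {"Type": "AWS::EC2::Subnet",
            "Properties": {"CidrBlock": {"Ref": cidr_param}, "MapPublicIpOnLaunch": public}}

# Constructed, trimmed stand-in for the article's template, already parsed into Python
# ({"Ref": x} is the long form of !Ref). The private subnet defaults overlap on purpose.
TEMPLATE = {
    "Parameters": {
        "VpcCIDR": {"Default": "10.8.0.0/16"},
        "PublicSubnet1CIDR": {"Default": "10.8.10.0/24"},
        "PublicSubnet2CIDR": {"Default": "10.8.11.0/24"},
        "PrivateSubnet1CIDR": {"Default": "10.8.21.0/24"},
        "PrivateSubnet2CIDR": {"Default": "10.8.21.0/24"},
    },
    "Resources": {
        "VPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": {"Ref": "VpcCIDR"}}},
        "PublicSubnet1": subnet("PublicSubnet1CIDR", True),
        "PublicSubnet2": subnet("PublicSubnet2CIDR", True),
        "PrivateSubnet1": subnet("PrivateSubnet1CIDR", False),
        "PrivateSubnet2": subnet("PrivateSubnet2CIDR", False),
    },
}

def resolve(template, value):
    # Resolve {"Ref": <Parameter>} to that parameter's Default; pass literals through.
    if isinstance(value, dict) and "Ref" in value:
        return template["Parameters"][value["Ref"]]["Default"]
    return value

def check_subnets(template):
    # Findings: subnet outside the VPC, overlapping subnets, private subnet auto-assigning
    # public IPs. An empty list means the address layout is consistent.
    res = template["Resources"]
    vpc = ipaddress.ip_network(resolve(template, res["VPC"]["Properties"]["CidrBlock"]))
    subnets = {n: r for n, r in res.items() if r["Type"] == "AWS::EC2::Subnet"}
    findings, nets = [], {}
    for name, r in subnets.items():
        nets[name] = ipaddress.ip_network(resolve(template, r["Properties"]["CidrBlock"]))
        if not nets[name].subnet_of(vpc):
            findings.append(f"{name}: {nets[name]} lies outside VPC {vpc}")
        if "Private" in name and r["Properties"].get("MapPublicIpOnLaunch"):
            findings.append(f"{name}: private subnet has MapPublicIpOnLaunch: true")
    for i, a in enumerate(sorted(nets)):
        for b in sorted(nets)[i + 1:]:
            if nets[a].overlaps(nets[b]):
                findings.append(f"{a} and {b}: overlapping CIDRs {nets[a]} / {nets[b]}")
    return findings
```

This complements `aws cloudformation validate-template`, which checks the template's syntax but not whether the CIDR values it is given collide.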
Building a CloudFormation Stack
Step 1: To create a CloudFormation Stack, first, click on the “Services” option in the top left of the screen, and then, search for the “CloudFormation” option and click on it. As we can see in the image below:
Step 2: On the dashboard, click on the “Create stack” button and select the first option, “With new resources (standard)”. As in the image below:
Step 3: A template file is required for the stack; it can be either a local file or an object in an S3 bucket. Here, we will use a local template. First, select “Template is ready”, then “Upload a template file”, and click “Choose file” to select the saved template and continue.
Step 4: Here, enter a name for the stack. Other settings can be changed as required; however, we will keep all other parameters as they are for now.
Next, as given in the options, we can create tags according to our work requirements.
Step 5: Now, scroll down the page and click on the “Create stack” button, as shown in the image:
Wait for a while, as it might take a few moments.
Under the “Events” tab, we can see the current status or event data.
Step 6: We can now go to the VPC service and look for the newly created VPC. Click “Services” at the top, then use the search bar to find VPC and open it.
Here, the main dashboard displays the number of VPCs, Subnets, Route Tables, Internet Gateways, and NAT Gateways that were created.
Once the VPC is no longer needed, it can be deleted simply by deleting the stack.