Friday, November 30, 2012

Building a VPC with CloudFormation

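This is Suzuki.

As described in the post below, I laid out one set of VPC design guidelines,
SUZ-LAB Front Line (VPC subnets / routing / security)
and also defined an addressing scheme for the subnets,
Design policy for VPC subnet CIDRs (as one example)
so as the last step I am turning these into a CloudFormation template. Or rather, I already have.
SUZ-LAB Formation VPC Basic 0.0.1
(It can be downloaded from the link above, and the full source is at the end of this post.)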

So, let's go ahead and build a VPC with this template.

First, give the stack a suitable "Stack Name", select "Provide a Template URL",
and enter the URL of the template (JSON) above.


Next, as the parameter, enter the first two octets of the CIDR to assign to the VPC.


A VPC with the CIDR "X.X.0.0/16" then starts being built.

When CloudFormation finishes, it looks like the following.


Checking the VPC itself shows that it was built without problems, as follows.



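However, as it stands there is no NAT instance, so the Protected subnets
cannot communicate with the outside. (In other words, they are not Protected yet...)

So next time I will build in a NAT instance as well, so that the Protected subnets
work properly.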

Finally, here is the CloudFormation template. (It's long...)

suz-lab_vpc-basic-0.0.1.json
{
    "AWSTemplateFormatVersion": "2010-09-09", 
    "Description": "SUZ-LAB Formation VPC Basic 0.0.1", 
    "Mappings": {
        "AvailabilityZoneMap": {
            "ap-northeast-1": {
                "AZA": "ap-northeast-1a", 
                "AZB": "ap-northeast-1b", 
                "AZC": "ap-northeast-1c"
            }
        }
    }, 
    "Parameters": {
        "VPCCIDR": {
            "AllowedPattern": "^(\\d|[01]?\\d\\d|2[0-4]\\d|25[0-5])\\.(\\d|[01]?\\d\\d|2[0-4]\\d|25[0-5])", 
            "Default": "10.0", 
            "Description": "VPC CIDR (X.X.0.0/16)", 
            "Type": "String"
        }
    }, 
    "Resources": {
        "EC2VPC": {
            "Properties": {
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".0.0/16"
                        ]
                    ]
                }
            }, 
            "Type": "AWS::EC2::VPC"
        },
        "EC2InternetGateway": {
            "Properties": {}, 
            "Type": "AWS::EC2::InternetGateway"
        },
        "EC2VPCGatewayAttachmentInternet": {
            "Properties": {
                "InternetGatewayId": {
                    "Ref": "EC2InternetGateway"
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::VPCGatewayAttachment"
        },
        "EC2NetworkAclExternal": {
            "Properties": {
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::NetworkAcl"
        }, 
        "EC2NetworkAclInternal": {
            "Properties": {
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::NetworkAcl"
        }, 
        "EC2NetworkAclEntryExternalInbound": {
            "Properties": {
                "CidrBlock": "0.0.0.0/0", 
                "Egress": "false", 
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "Protocol": "-1", 
                "RuleAction": "allow", 
                "RuleNumber": "100"
            }, 
            "Type": "AWS::EC2::NetworkAclEntry"
        }, 
        "EC2NetworkAclEntryExternalOutbound": {
            "Properties": {
                "CidrBlock": "0.0.0.0/0", 
                "Egress": "true", 
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "Protocol": "-1", 
                "RuleAction": "allow", 
                "RuleNumber": "100"
            }, 
            "Type": "AWS::EC2::NetworkAclEntry"
        }, 
        "EC2NetworkAclEntryInternalInbound": {
            "Properties": {
                "CidrBlock": "0.0.0.0/0", 
                "Egress": "false", 
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "Protocol": "-1", 
                "RuleAction": "allow", 
                "RuleNumber": "100"
            }, 
            "Type": "AWS::EC2::NetworkAclEntry"
        }, 
        "EC2NetworkAclEntryInternalOutbound": {
            "Properties": {
                "CidrBlock": "0.0.0.0/0", 
                "Egress": "true", 
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "Protocol": "-1", 
                "RuleAction": "allow", 
                "RuleNumber": "100"
            }, 
            "Type": "AWS::EC2::NetworkAclEntry"
        }, 
        "EC2RouteTablePrivate": {
            "Properties": {
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::RouteTable"
        }, 
        "EC2RouteTableProtected": {
            "Properties": {
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::RouteTable"
        }, 
        "EC2RouteTablePublic": {
            "Properties": {
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::RouteTable"
        },
        "EC2RoutePublic": {
            "Properties": {
                "DestinationCidrBlock": "0.0.0.0/0", 
                "GatewayId": {
                    "Ref": "EC2InternetGateway"
                }, 
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }
            }, 
            "Type": "AWS::EC2::Route"
        },
        "EC2SubnetPrivateFixA72": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZA"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".72.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPrivateFixB73": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZB"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".73.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPrivateFixC74": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZC"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".74.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPrivateVarA64": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZA"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".64.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPrivateVarB65": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZB"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".65.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPrivateVarC66": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZC"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".66.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetProtectedFixA40": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZA"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".40.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetProtectedFixB41": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZB"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".41.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetProtectedFixC42": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZC"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".42.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetProtectedVarA32": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZA"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".32.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetProtectedVarB33": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZB"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".33.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetProtectedVarC34": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZC"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".34.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPublicFixA08": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZA"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".8.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPublicFixB09": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZB"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".9.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPublicFixC10": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZC"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".10.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPublicVarA00": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZA"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".0.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPublicVarB01": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZB"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".1.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetPublicVarC02": {
            "Properties": {
                "AvailabilityZone": {
                    "Fn::FindInMap": [
                        "AvailabilityZoneMap", 
                        {
                            "Ref": "AWS::Region"
                        }, 
                        "AZC"
                    ]
                }, 
                "CidrBlock": {
                    "Fn::Join": [
                        "", 
                        [
                            {
                                "Ref": "VPCCIDR"
                            }, 
                            ".2.0/24"
                        ]
                    ]
                }, 
                "VpcId": {
                    "Ref": "EC2VPC"
                }
            }, 
            "Type": "AWS::EC2::Subnet"
        }, 
        "EC2SubnetNetworkAclAssociationPrivateFixA72": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateFixA72"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPrivateFixB73": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateFixB73"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPrivateFixC74": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateFixC74"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPrivateVarA64": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateVarA64"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPrivateVarB65": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateVarB65"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPrivateVarC66": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateVarC66"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationProtectedFixA40": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedFixA40"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationProtectedFixB41": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedFixB41"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationProtectedFixC42": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedFixC42"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationProtectedVarA32": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedVarA32"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationProtectedVarB33": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedVarB33"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationProtectedVarC34": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclInternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedVarC34"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPublicFixA08": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicFixA08"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPublicFixB09": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicFixB09"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPublicFixC10": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicFixC10"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPublicVarA00": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicVarA00"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPublicVarB01": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicVarB01"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetNetworkAclAssociationPublicVarC02": {
            "Properties": {
                "NetworkAclId": {
                    "Ref": "EC2NetworkAclExternal"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicVarC02"
                }
            }, 
            "Type": "AWS::EC2::SubnetNetworkAclAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPrivateFixA72": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePrivate"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateFixA72"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPrivateFixB73": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePrivate"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateFixB73"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPrivateFixC74": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePrivate"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateFixC74"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPrivateVarA64": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePrivate"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateVarA64"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPrivateVarB65": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePrivate"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateVarB65"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPrivateVarC66": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePrivate"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPrivateVarC66"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationProtectedFixA40": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTableProtected"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedFixA40"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationProtectedFixB41": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTableProtected"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedFixB41"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationProtectedFixC42": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTableProtected"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedFixC42"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationProtectedVarA32": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTableProtected"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedVarA32"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationProtectedVarB33": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTableProtected"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedVarB33"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationProtectedVarC34": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTableProtected"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetProtectedVarC34"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPublicFixA08": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicFixA08"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPublicFixB09": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicFixB09"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPublicFixC10": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicFixC10"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPublicVarA00": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicVarA00"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPublicVarB01": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicVarB01"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }, 
        "EC2SubnetRouteTableAssociationPublicVarC02": {
            "Properties": {
                "RouteTableId": {
                    "Ref": "EC2RouteTablePublic"
                }, 
                "SubnetId": {
                    "Ref": "EC2SubnetPublicVarC02"
                }
            }, 
            "Type": "AWS::EC2::SubnetRouteTableAssociation"
        }
    },
    "Outputs": {
        "Guideline": {
            "Value": "https://docs.google.com/a/suz-lab.com/document/pub?id=1nIF-CUBs_rqIEvzHIs9Vn1M9M-fZVn0kGszgh_mWevA"
        }, 
        "VPCCIDR": {
            "Value": {
                "Fn::Join": [
                    "", 
                    [
                        {
                            "Ref": "VPCCIDR"
                        }, 
                        ".0.0/16"
                    ]
                ]
            }
        }
    }
}
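
An added example (not part of the original post or of the SUZ-LAB template): a small Python audit that resolves the template's `Ref` and `Fn::Join` expressions for a given `VPCCIDR` and reports each subnet's CIDR, default route and network ACL, plus whether the chosen range is RFC 1918 space. The names `resolve`, `audit` and `sample_template` are hypothetical, the sample is a constructed, trimmed copy of the template above, and the code assumes CloudFormation matches `AllowedPattern` against the whole parameter value.

```python
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def resolve(value, params):
    """Evaluate Ref and Fn::Join; refs to resources stay as logical IDs."""
    if isinstance(value, dict) and "Ref" in value:
        return params.get(value["Ref"], value["Ref"])
    if isinstance(value, dict) and "Fn::Join" in value:
        sep, parts = value["Fn::Join"]
        return sep.join(resolve(p, params) for p in parts)
    return value


def audit(template, params):
    """Resolve each subnet's CIDR, default route and ACL; return them with findings."""
    for name, spec in template.get("Parameters", {}).items():
        # Assumption: CloudFormation requires AllowedPattern to match the whole value.
        if "AllowedPattern" in spec and not re.fullmatch(spec["AllowedPattern"], params[name]):
            raise ValueError(f"{name}={params[name]!r} rejected by AllowedPattern")
    res = template["Resources"]
    props = {rid: {k: resolve(v, params) for k, v in r.get("Properties", {}).items()}
             for rid, r in res.items()}

    def of_type(suffix):
        return [rid for rid, r in res.items() if r["Type"] == "AWS::EC2::" + suffix]
    def links(kind, key):  # subnet logical ID -> associated route table or ACL
        return {props[a]["SubnetId"]: props[a][key] for a in of_type(kind)}

    findings = []
    vpc = ipaddress.ip_network(props[of_type("VPC")[0]]["CidrBlock"])
    if not any(vpc.subnet_of(block) for block in RFC1918):
        findings.append(f"VPC CIDR {vpc} is outside RFC 1918 private space")
    # Route tables whose default route targets an internet gateway.
    igws = set(of_type("InternetGateway"))
    default_route = {}
    for p in (props[r] for r in of_type("Route")):
        if p.get("DestinationCidrBlock") == "0.0.0.0/0":
            default_route[p["RouteTableId"]] = "igw" if p.get("GatewayId") in igws else "other"
    # ACLs that carry an allow-everything entry, per direction.
    open_acl = {}
    for p in (props[r] for r in of_type("NetworkAclEntry")):
        if (p.get("CidrBlock"), str(p["Protocol"]), p["RuleAction"]) == ("0.0.0.0/0", "-1", "allow"):
            direction = "egress" if str(p["Egress"]).lower() == "true" else "ingress"
            open_acl.setdefault(p["NetworkAclId"], set()).add(direction)
    for acl in sorted(open_acl):
        findings.append(f"{acl} allows all traffic: {', '.join(sorted(open_acl[acl]))}")
    rt_of = links("SubnetRouteTableAssociation", "RouteTableId")
    acl_of = links("SubnetNetworkAclAssociation", "NetworkAclId")
    subnets = {}
    for sid in of_type("Subnet"):
        subnets[sid] = {"cidr": str(ipaddress.ip_network(props[sid]["CidrBlock"])),
                        "default_route": default_route.get(rt_of.get(sid), "none"),
                        "acl_allow_all": sorted(open_acl.get(acl_of.get(sid), ()))}
    return {"vpc": str(vpc), "subnets": subnets, "findings": findings}


def sample_template():
    """Constructed sample: the page's template trimmed to one subnet per tier."""
    def ref(name):
        return {"Ref": name}
    def cidr(suffix):  # the Fn::Join shape the page uses for every CidrBlock
        return {"Fn::Join": ["", [ref("VPCCIDR"), suffix]]}
    octet = "(\\d|[01]?\\d\\d|2[0-4]\\d|25[0-5])"
    res = {
        "EC2VPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": cidr(".0.0/16")}},
        "EC2InternetGateway": {"Type": "AWS::EC2::InternetGateway", "Properties": {}},
        "EC2RoutePublic": {"Type": "AWS::EC2::Route", "Properties": {
            "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": ref("EC2InternetGateway"),
            "RouteTableId": ref("EC2RouteTablePublic")}},
    }
    for acl in ("External", "Internal"):
        for suffix, egress in (("Inbound", "false"), ("Outbound", "true")):
            res["EC2NetworkAclEntry" + acl + suffix] = {
                "Type": "AWS::EC2::NetworkAclEntry", "Properties": {
                    "CidrBlock": "0.0.0.0/0", "Egress": egress, "Protocol": "-1",
                    "RuleAction": "allow", "NetworkAclId": ref("EC2NetworkAcl" + acl)}}
    for tier, name, third, acl in (("Public", "VarA00", "0", "External"),
                                   ("Protected", "VarA32", "32", "Internal"),
                                   ("Private", "VarA64", "64", "Internal")):
        sid = "EC2Subnet" + tier + name
        res[sid] = {"Type": "AWS::EC2::Subnet", "Properties": {"CidrBlock": cidr(f".{third}.0/24")}}
        res["EC2SubnetRouteTableAssociation" + tier + name] = {
            "Type": "AWS::EC2::SubnetRouteTableAssociation",
            "Properties": {"RouteTableId": ref("EC2RouteTable" + tier), "SubnetId": ref(sid)}}
        res["EC2SubnetNetworkAclAssociation" + tier + name] = {
            "Type": "AWS::EC2::SubnetNetworkAclAssociation",
            "Properties": {"NetworkAclId": ref("EC2NetworkAcl" + acl), "SubnetId": ref(sid)}}
    return {"Parameters": {"VPCCIDR": {"AllowedPattern": "^" + octet + "\\." + octet}},
            "Resources": res}


if __name__ == "__main__":
    report = audit(sample_template(), {"VPCCIDR": "10.0"})
    print(*report["subnets"].items(), *report["findings"], sep="\n")
```

To check the full template, pass the parsed JSON (for example from `json.load`) to `audit` in place of `sample_template()`. Protected and Private subnets both report `none` for the default route, which matches the note above that no NAT instance exists yet.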

It might be even nicer if conditionals and loops could be used...
--------
http://www.suz-lab.com
