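AWSTemplateFormatVersion: "2010-09-09"
# A VPC with two private subnets (one per AZ, each with its own route table)
# and an Interface VPC endpoint for the EC2 API, so workloads in the private
# subnets can call EC2 without an internet or NAT path.
Description: ""

Resources:
  VPC:
    Type: "AWS::EC2::VPC"
    Properties:
      CidrBlock: "10.0.0.0/16"
      # Both DNS settings must be on for the endpoint's private DNS name
      # (PrivateDnsEnabled below) to resolve inside the VPC.
      EnableDnsHostnames: true
      EnableDnsSupport: true

  PrivateSubnet1:
    Type: "AWS::EC2::Subnet"
    Properties:
      CidrBlock: "10.0.0.0/24"
      # Private subnet: instances get no public IP on launch.
      MapPublicIpOnLaunch: false
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Name"
          Value: "Private Subnet AZ A"
      # First AZ of the deployment region.
      AvailabilityZone:
        Fn::Select:
          - "0"
          - Fn::GetAZs:
              Ref: "AWS::Region"

  PrivateSubnet2:
    Type: "AWS::EC2::Subnet"
    Properties:
      CidrBlock: "10.0.1.0/24"
      MapPublicIpOnLaunch: false
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Name"
          Value: "Private Subnet AZ B"
      # Second AZ of the deployment region.
      AvailabilityZone:
        Fn::Select:
          - "1"
          - Fn::GetAZs:
              Ref: "AWS::Region"

  # One route table per private subnet. No routes are declared, so each table
  # only carries the implicit local route for the VPC CIDR.
  RouteTablePrivate1:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Name"
          Value: "Private Route Table A"

  RouteTablePrivate1Association1:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId:
        Ref: "RouteTablePrivate1"
      SubnetId:
        Ref: "PrivateSubnet1"

  RouteTablePrivate2:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId:
        Ref: "VPC"
      Tags:
        - Key: "Name"
          Value: "Private Route Table B"

  RouteTablePrivate2Association1:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId:
        Ref: "RouteTablePrivate2"
      SubnetId:
        Ref: "PrivateSubnet2"

  VPCEndpoint:
    Type: "AWS::EC2::VPCEndpoint"
    Properties:
      VpcEndpointType: "Interface"
      # Region-qualified EC2 service name, e.g. com.amazonaws.<region>.ec2.
      ServiceName:
        Fn::Join:
          - ""
          - - "com.amazonaws."
            - Ref: "AWS::Region"
            - ".ec2"
      VpcId:
        Ref: "VPC"
      # The endpoint's network interfaces are created in these subnets; without
      # SubnetIds an Interface endpoint has no ENI for the private subnets to
      # reach.
      SubnetIds:
        - Ref: "PrivateSubnet1"
        - Ref: "PrivateSubnet2"
      PrivateDnsEnabled: true
      SecurityGroupIds:
        - Ref: "SgForVPCEndpoint"

  SgForVPCEndpoint:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "Security group to allow access to ec2 VPC Endpoint"
      VpcId:
        Ref: "VPC"
      SecurityGroupIngress:
        # Only callers inside this VPC can reach the endpoint ENIs, so limit
        # HTTPS ingress to the VPC CIDR instead of 0.0.0.0/0 (least privilege).
        - CidrIp:
            Fn::GetAtt:
              - "VPC"
              - "CidrBlock"
          IpProtocol: "tcp"
          FromPort: 443
          ToPort: 443
      SecurityGroupEgress:
        # Kept as in the original: all outbound traffic allowed.
        - CidrIp: "0.0.0.0/0"
          IpProtocol: "-1"

# No parameters, metadata or conditions are used; the empty mappings are
# written explicitly so a bare key is not read as null.
Parameters: {}
Metadata: {}
Conditions: {}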