AWS CloudFormation — AWS VPC with Private, Public Subnets with NAT
AWS CloudFormation is an AWS service that uses template files to automate the setup of AWS resources.
It can also be described as an infrastructure automation or Infrastructure-as-Code (IaC) tool and a cloud automation solution because it can automate the setup and deployment of various Infrastructure-as-a-Service (IaaS) offerings on the AWS CloudFormation supports virtually every service that runs in AWS. (A complete list of supported services is available here.)
Let’s start our Tutorial!
Pre-Requisites To Creating Infrastructure on AWS Using CloudFormation
- AWS CLI is installed on your machine if not please follow this link.
- We require AWS IAM API keys (access key and secret key) for creating and deleting permissions for all AWS resources.
- Configure AWS CLI Profile with the above access key and secret key.
Amazon Resources Created Using CloudFormation
- AWS VPC with given CIDR.
- Multiple AWS VPC public subnets would be reachable from the internet; which means traffic from the internet can hit a machine in the public subnet.
- Multiple AWS VPC private subnets which mean it is not reachable to the internet directly without NAT Gateway.
- AWS VPC Internet Gateway and attach it to AWS VPC.
- Public and private AWS VPC Route Tables.
- AWS VPC NAT Gateway.
- Associating AWS VPC Subnets with VPC route tables.
Let’s Create the Template!
Create a CloudFormation template file (cloudformation.yml)
Create a CloudFormation template file with .yml extension.
CloudFormation supports JSON or YAML, and we’ll be using YAML because the following reasons.
- less syntactical ceremony.
- the ability to PUT COMMENTS with #.
Define the template version and description of this template (optional)
This is the basic structure that is needed for any CloudFormation template.
AWSTemplateFormatVersion: The AWSTemplateFormatVersion section (optional) identifies the capabilities of the template. The latest template format version is 2010-09-09 and is currently the only valid value.
Description: The Description section (optional) enables you to include comments about your template. The value for the description declaration must be a literal string between 0 and 1024 bytes in length.
AWSTemplateFormatVersion: 2010-09-09
Description: This template deploys a VPC, 2 public and private subnets, internet gateway,
default route for public subnets, NAT gateways, and default routes for the private subnets.Define parameters (optional)
Parameters enable you to input custom values to your template each time you create or update a stack.
Define Resources (required)
The Resources section declares the AWS resources that you want to include in the stack, such as an Amazon EC2 instance or an Amazon S3 bucket.
Define Output (optional)
The Outputs section declares output values that you can import into other stacks (to create cross-stack references), return in response (to describe stack calls) or view on the AWS CloudFormation console.
So Now our CloudFormation template is ready for deployment.
Let’s deploy the template
With the AWS Command Line Interface (AWS CLI), you can create, monitor, update, and delete stacks from your system’s terminal.
Run the following command from your system’s terminal to deploy our VPC stack.
- --template-file: Path of your cloudformation template file.
- --stack-name: Name of your stack.
- --profile: Name of your AWS CLI Profile that you configured.
- --region: Region in which your stack deployment is.
- --parameter-overrides: Parameter that we need to pass as an argument of
key/valuespair.
You can check your stack deployment status from AWS Console also. for that, you just need to login into your AWS account and navigate to the CloudFormation service console.
Once the stack is deployed successfully it will show you the output values that you specify in your code.
So for stack deletion please run the following command
aws cloudformation delete-stack --stack-name <Stack name Given in above step>Thank you for reading, if you have anything to add please send a response or add a note!
