AWS News Blog
AWS CloudFormation Can Now Create Virtual Private Clouds
AWS CloudFormation lets you describe stacks of related AWS resources (EC2 instances, Elastic IP addresses, RDS DB Instances, and much more) using a template. The template can include runtime parameters, allowing you to customize each stack as you create it. CloudFormation automatically creates resources in dependency-based order; you simply tell it which resources you need and how you want them to be configured and it will take care of the details.
You can now create and populate an entire Virtual Private Cloud (VPC) using a single CloudFormation template. CloudFormation templates are JSON formatted text files and can be stored in a source control system alongside your application source code. CloudFormation allows you to separate the network and VPC configuration from the resources needed to run an application.
For example, a network administrator can define the Virtual Private Cloud resources in a template and ensure that the subnets, route tables, network ACLs, and gateways are correctly set up. After testing the configuration, the network administrator can check the template into the central source control system. Here’s an excerpt from one of the new sample VPC templates that describes a VPC resource:
“Type” : “AWS::EC2::VPC” ,
“Properties” : {
“CidrBlock” : “10.0.0.0/16” ,
“Tags” : [
{ “Key” : “Application” , “Value” : { “Ref” : “AWS::StackName” } } ,
{ “Key” : “Network” , “Value” : “Public” }
]
}
} ,
A developer can then check out the template from source control and add the resources needed to run the application inside the VPC. Heres an excerpt from the new sample VPC templates that describes application resources:
“Type” : “AWS::AutoScaling::AutoScalingGroup” ,
“Properties” : {
“AvailabilityZones” : [ { “Fn::GetAtt” : [ “PrivateSubnet” , “AvailabilityZone” ] } ] ,
“VPCZoneIdentifier” : [ { “Ref” : “PrivateSubnet” } ] ,
“LaunchConfigurationName” : { “Ref” : “LaunchConfig” } ,
“MinSize” : “1” ,
“MaxSize” : “10” ,
“DesiredCapacity” : { “Ref” : “InstanceCount” } ,
“LoadBalancerNames” : [ { “Ref” : “ElasticLoadBalancer” } ] ,
“Tags” : [ { “Key” : “Network” , “Value” : “Public” , “PropagateAtLaunch” : “true” } ]
}
}
Notice how the developers WebServerGroup references the VPCZoneIdentifier created by the network administrator.
Here are two new sample templates that weve cooked up to get you started:
- VPC with a single EC2 Instance.
- VPC with public and private subnets, an Elastic load Balancer, and an EC2 instance.
Read the CloudFormation documentation to learn more.
— Jeff;