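Setting up VPC peering with CloudFormation
Introduction
Yesterday an update to CloudFormation was announced, and it can now create VPC peering connections. Various other enhancements were made as well.
So, I'd like to try out VPC peering right away!
Configuration
This is a simple sample configuration that just creates two VPCs, creates one subnet inside each VPC, and connects them with VPC peering.
It does not create any EC2 instances either, so if you want to verify that it works, create an InternetGateway, add it to the RouteTable as the default gateway, and launch an EC2 instance with a click.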
CloudFormation Template
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Creates a VPC Peering.",
  "Parameters": {
    "VPC1CIDR": {
      "Description": "The IP address range for VPC1.",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "10.1.0.0/16",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
    },
    "VPC2CIDR": {
      "Description": "The IP address range for VPC2.",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "10.2.0.0/16",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
    },
    "VPC1SubnetCIDR": {
      "Description": "The IP address range for subnet in VPC1.",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "10.1.1.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
    },
    "VPC2SubnetCIDR": {
      "Description": "The IP address range for subnet in VPC2.",
      "Type": "String",
      "MinLength": "9",
      "MaxLength": "18",
      "Default": "10.2.1.0/24",
      "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
      "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
    }
  },
  "Resources": {
    "VPC1": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": { "Ref": "VPC1CIDR" },
        "InstanceTenancy": "default"
      }
    },
    "VPC1Subnet": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "VpcId": { "Ref": "VPC1" },
        "CidrBlock": { "Ref": "VPC1SubnetCIDR" }
      }
    },
    "VPC1SubnetRouteTable": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": { "Ref": "VPC1" }
      }
    },
    "PeeringRoute1": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": { "Ref": "VPC2CIDR" },
        "RouteTableId": { "Ref": "VPC1SubnetRouteTable" },
        "VpcPeeringConnectionId": { "Ref": "VPCPeeringConnection" }
      }
    },
    "VPC1SubnetRouteTableAssociation": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "SubnetId": { "Ref": "VPC1Subnet" },
        "RouteTableId": { "Ref": "VPC1SubnetRouteTable" }
      }
    },
    "VPC2": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": { "Ref": "VPC2CIDR" },
        "InstanceTenancy": "default"
      }
    },
    "VPC2Subnet": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "VpcId": { "Ref": "VPC2" },
        "CidrBlock": { "Ref": "VPC2SubnetCIDR" }
      }
    },
    "VPC2SubnetRouteTable": {
      "Type": "AWS::EC2::RouteTable",
      "Properties": {
        "VpcId": { "Ref": "VPC2" }
      }
    },
    "PeeringRoute2": {
      "Type": "AWS::EC2::Route",
      "Properties": {
        "DestinationCidrBlock": { "Ref": "VPC1CIDR" },
        "RouteTableId": { "Ref": "VPC2SubnetRouteTable" },
        "VpcPeeringConnectionId": { "Ref": "VPCPeeringConnection" }
      }
    },
    "VPCPeeringConnection": {
      "Type": "AWS::EC2::VPCPeeringConnection",
      "Properties": {
        "VpcId": { "Ref": "VPC1" },
        "PeerVpcId": { "Ref": "VPC2" }
      }
    },
    "VPC2SubnetRouteTableAssociation": {
      "Type": "AWS::EC2::SubnetRouteTableAssociation",
      "Properties": {
        "SubnetId": { "Ref": "VPC2Subnet" },
        "RouteTableId": { "Ref": "VPC2SubnetRouteTable" }
      }
    }
  }
}
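The template's AllowedPattern only checks the shape of each CIDR parameter, so values such as 999.999.999.999/99 or two overlapping VPC ranges pass it. The following pre-deployment check is an added example, not part of the original post; the function name check_peering_params is hypothetical, and it assumes the pattern has to match the whole value.

```python
import ipaddress
import re

# AllowedPattern copied from the template's Parameters section.
ALLOWED_PATTERN = r"(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})"

# Parameter defaults copied from the template.
DEFAULTS = {
    "VPC1CIDR": "10.1.0.0/16",
    "VPC2CIDR": "10.2.0.0/16",
    "VPC1SubnetCIDR": "10.1.1.0/24",
    "VPC2SubnetCIDR": "10.2.1.0/24",
}


def check_peering_params(params):
    """Return problems that the AllowedPattern check alone does not catch."""
    problems, nets = [], {}
    for name, value in params.items():
        # Assumption: the pattern must match the whole value.
        if not re.fullmatch(ALLOWED_PATTERN, value):
            problems.append(f"{name}: {value!r} does not match AllowedPattern")
            continue
        try:
            # strict=False normalizes host bits instead of rejecting them.
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            problems.append(f"{name}: {value!r} passes AllowedPattern but is not a valid CIDR")
            continue
        if not 16 <= net.prefixlen <= 28:
            problems.append(f"{name}: /{net.prefixlen} is outside the /16 to /28 range VPCs and subnets accept")
        nets[name] = net
    if len(nets) != len(params):
        return problems  # relationship checks need every value parsed
    for vpc in ("VPC1", "VPC2"):
        if not nets[f"{vpc}SubnetCIDR"].subnet_of(nets[f"{vpc}CIDR"]):
            problems.append(f"{vpc}SubnetCIDR is not inside {vpc}CIDR")
    if nets["VPC1CIDR"].overlaps(nets["VPC2CIDR"]):
        problems.append("VPC1CIDR and VPC2CIDR overlap; VPC peering requires non-overlapping ranges")
    return problems


if __name__ == "__main__":
    for line in check_peering_params(DEFAULTS) or ["defaults OK"]:
        print(line)
```

Run it against any parameter overrides before creating or updating the stack; an empty list means the four values are consistent with each other.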
Summary
AWS service updates arrive very quickly, and CloudFormation keeps following them with update after update, albeit with some lag. I'm looking forward to future CloudFormation enhancements as well!