CloudFormationでVPC peeringを設定する

はじめに

昨日CloudFormationのUpdateが発表され、VPC peeringが作成出来るようになりました。他にも様々な拡張がされています。

ということで、早速VPC peeringを試してみたいと思います!

構成

VPCを2つ作成し、それぞれのVPCの中に1つのSubnetを作り、VPC peeringで接続するだけの単純なサンプル構成です。

EC2も作らないので、動作確認したい場合はInternetGatewayを作ってRouteTableにデフォルトゲートウェイとして追加して、EC2をポチっとLaunchして下さい。なお、VPC peering越しの通信もSecurity Groupで許可した分しか通らないので、動作確認用のEC2のSecurity Groupには相手側VPCのCIDRからの通信（例えばICMP）を許可しておく必要があります。

AWS_Design_Untitled_-_Cacoo

CloudFormation Template

{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Description": "Creates two VPCs, one subnet in each, and a VPC peering connection between them.",
    "Parameters": {
        "VPC1CIDR": {
            "Description": "The IP address range for VPC1.",
            "Type": "String",
            "MinLength": "9",
            "MaxLength": "18",
            "Default": "10.1.0.0/16",
            "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
            "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
        },
        "VPC2CIDR": {
            "Description": "The IP address range for VPC2.",
            "Type": "String",
            "MinLength": "9",
            "MaxLength": "18",
            "Default": "10.2.0.0/16",
            "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
            "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
        },
        "VPC1SubnetCIDR": {
            "Description": "The IP address range for the subnet in VPC1.",
            "Type": "String",
            "MinLength": "9",
            "MaxLength": "18",
            "Default": "10.1.1.0/24",
            "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
            "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
        },
        "VPC2SubnetCIDR": {
            "Description": "The IP address range for the subnet in VPC2.",
            "Type": "String",
            "MinLength": "9",
            "MaxLength": "18",
            "Default": "10.2.1.0/24",
            "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
            "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
        }
    },
    "Resources": {
        "VPC1": {
            "Type": "AWS::EC2::VPC",
            "Properties": {
                "CidrBlock": {"Ref": "VPC1CIDR"},
                "InstanceTenancy": "default"
            }
        },        
        "VPC1Subnet" : {
            "Type" : "AWS::EC2::Subnet",
            "Properties" : {
                "VpcId" : { "Ref" : "VPC1" },
                "CidrBlock" : {"Ref": "VPC1SubnetCIDR"}
            }
        },
        "VPC1SubnetRouteTable" : {
            "Type" : "AWS::EC2::RouteTable",
            "Properties" : {
                "VpcId" : {"Ref" : "VPC1"}            
            }
        },        
        "PeeringRoute1" : {
            "Type" : "AWS::EC2::Route",
            "Properties" : {
                "DestinationCidrBlock": { "Ref" : "VPC2CIDR" },
                "RouteTableId" : { "Ref" : "VPC1SubnetRouteTable" },
                "VpcPeeringConnectionId" : { "Ref" : "VPCPeeringConnection" }
            }
        },
        "VPC1SubnetRouteTableAssociation" : {
            "Type" : "AWS::EC2::SubnetRouteTableAssociation",
            "Properties" : {
                "SubnetId" : { "Ref" : "VPC1Subnet" },
                "RouteTableId" : { "Ref" : "VPC1SubnetRouteTable" }
            }
        },
        "VPC2": {
            "Type": "AWS::EC2::VPC",
            "Properties": {
                "CidrBlock": {"Ref": "VPC2CIDR"},
                "InstanceTenancy": "default"
            }
        },        
        "VPC2Subnet": {
            "Type" : "AWS::EC2::Subnet",
            "Properties" : {
                "VpcId" : { "Ref" : "VPC2" },
                "CidrBlock" : {"Ref": "VPC2SubnetCIDR"}
            }
        },
        "VPC2SubnetRouteTable" : {
            "Type" : "AWS::EC2::RouteTable",
            "Properties" : {
                "VpcId" : {"Ref" : "VPC2"}            
            }
        },  
        "PeeringRoute2" : {
            "Type" : "AWS::EC2::Route",
            "Properties" : {
                "DestinationCidrBlock": { "Ref" : "VPC1CIDR" },
                "RouteTableId" : { "Ref" : "VPC2SubnetRouteTable" },
                "VpcPeeringConnectionId" : { "Ref" : "VPCPeeringConnection" }
            }
        },
        "VPCPeeringConnection": {
            "Type": "AWS::EC2::VPCPeeringConnection",
            "Properties": {
                "VpcId": {"Ref": "VPC1"},
                "PeerVpcId": {"Ref": "VPC2"}
            }
        },
        "VPC2SubnetRouteTableAssociation" : {
            "Type" : "AWS::EC2::SubnetRouteTableAssociation",
            "Properties" : {
                "SubnetId" : { "Ref" : "VPC2Subnet" },
                "RouteTableId" : { "Ref" : "VPC2SubnetRouteTable" }
            }
        }
    }
}

まとめ

AWSのサービスアップデートのスピードはとても速いものですが、CloudFormationも多少の時期のズレはあるもののどんどん追従してアップデートしています。今後のCloudFormationの機能拡張にも期待しています!