├── .DS_Store ├── 01_INTRODUCTION ├── .DS_Store ├── 00_LEARNINGAIDS │ └── placeholder.md └── placeholder.md ├── 02_COURSEFUNDAMENTALS ├── .DS_Store ├── 00_LEARNINGAIDS │ └── placeholder.md └── placeholder.md ├── 03_NETWORKING_FUNDAMENTALS ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── DDOS1.png │ ├── DDOS2.png │ ├── DDOS3.png │ ├── DDOS4.png │ ├── FibreCable1.png │ ├── FibreCable2.png │ ├── IPAddressing.png │ ├── JumboFrames.png │ ├── Layer1Physical.png │ ├── Layer1Physical2.png │ ├── Layer2DataLink.png │ ├── Layer2DataLink2.png │ ├── Layer2DataLink3.png │ ├── Layer2DataLink4.png │ ├── Layer2DataLink5.png │ ├── Layer3Network.png │ ├── Layer3Network2.png │ ├── Layer3Network3.png │ ├── Layer3Network4.png │ ├── Layer3Network5.png │ ├── Layer4Transport.png │ ├── Layer4Transport2.png │ ├── Layer4Transport3.png │ ├── Layer4Transport4.png │ ├── Layer5Session.png │ ├── NAT1.png │ ├── NAT2.png │ ├── NAT3.png │ ├── OSI7LayerModel.png │ ├── SSLandTLS.png │ ├── SubnetMask.png │ ├── VLAN1.png │ ├── VLAN2.png │ ├── VLAN3.png │ ├── VLAN4.png │ └── VLAN5.png ├── 04_VPC ├── .DS_Store ├── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── DHCPinaVPC.png │ ├── IPPlanning1.png │ ├── IPPlanning2.png │ ├── IPPlanning3.png │ ├── NACL1.png │ ├── NACL2.png │ ├── SecurityGroups1.png │ ├── SecurityGroups2.png │ ├── SecurityGroups3.png │ ├── SecurityGroups4.png │ ├── StatefulvsStateless1.png │ ├── StatefulvsStateless2.png │ ├── StatefulvsStateless3.png │ ├── StatefulvsStateless4.png │ ├── StatefulvsStateless5.png │ ├── VPCFlowLogs.png │ ├── VPCFlowLogs2.png │ ├── VPCRefresher.png │ └── VPCRouter.png ├── IP_Range_Planning │ ├── A4L_IPPlan.numbers │ ├── A4L_IPPlan.pdf │ └── A4L_IPPlan.xlsx └── VPC_Subnets │ └── subnets.txt ├── 05_VPC_PUBLIC_NETWORKING ├── .DS_Store ├── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── BYOIP1.png │ ├── BYOIP2.png │ ├── BYOIP3.png │ ├── BYOIP4.png │ ├── BastionHosts.png │ ├── IGW1.png │ ├── IGW2.png │ ├── IGW3.png │ ├── NAT1.png │ ├── NAT2.png │ └── NAT3.png ├── IPv6_Migration │ ├── .DS_Store │ ├── IPv6Migration.yaml │ └── website │ │ ├── index.html │ │ └── minimal.jpg └── placeholder.md ├── 06_VPC_ENDPOINTS ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── GatewayEndpoints.png │ ├── InterfaceEndpoints.png │ └── PrivateLink.png ├── 07_EC2_and_VPC_NETWORKING_DEEPDIVE ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── EFA1.png │ ├── EFA2.png │ ├── EnhancedNetworking1.png │ ├── EnhancedNetworking2.png │ ├── EnhancedNetworking3.png │ └── EnhancedNetworking4.png ├── 08_NETWORK_AUTOMATION ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── CloudFormation-NestedStacks.png │ ├── CloudFormationConditions.png │ ├── CloudFormationDependsOn.png │ ├── CloudFormationFunctions1.png │ ├── CloudFormationFunctions2.png │ ├── CloudFormationFunctions3.png │ ├── CloudFormationFunctions4.png │ ├── CloudFormationFunctions5.png │ ├── CloudFormationLogicalAndPhysicalResources.png │ ├── CloudFormationLogicalAndPhysicalResources2.png │ ├── CloudFormationMappings.png │ ├── CloudFormationOutputs.png │ ├── CloudFormationPseudoParameters.png │ └── CloudFormationTemplateParameters.png ├── 09_ELB ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── ALBArchitecture1.png │ ├── ALBArchitecture2.png │ ├── ALBArchitecture3.png │ ├── ELBArchitecture1.png │ ├── ELBArchitecture2.png │ ├── ELBArchitecture3.png │ ├── GWLB1.png │ ├── GWLB2.png │ ├── GWLB3.png │ └── XForwardedFor&Proxy.png ├── 10_R53 ├── .DS_Store ├── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── CloudFront3rdPartyGeoLocation.png │ ├── CloudFrontArchitecture1.png │ ├── CloudFrontArchitecture2.png │ ├── CloudFrontGeoRestriction.png │ ├── CloudFrontSSLSNI.png │ ├── CloudFrontSecuringContent1.png │ ├── CloudFrontSecuringContent2.png │ ├── CloudFrontSecuringContent3.png │ ├── CloudFrontSecuringContent4.png │ ├── CloudFrontTTL.png │ ├── FieldLevelEncryption1.png │ ├── FieldLevelEncryption2.png │ ├── LambdaAtEdge.png │ ├── R53Failover.png │ ├── R53GeoProximity.png │ ├── R53Geolocation.png │ ├── R53HealthChecks.png │ ├── R53Interoperability1.png │ ├── R53Interoperability2.png │ ├── R53Interoperability3.png │ ├── R53Latency.png │ ├── R53MultiValue.png │ ├── R53PrivateZones.png │ ├── R53PublicZones.png │ ├── R53Simple.png │ ├── R53SplitView.png │ └── R53Weighted.png ├── 01_Public_hosted_zones │ └── lesson_commands.txt ├── placeholder.md └── r53_zones_and_failover │ ├── 01_a4lwebsite │ ├── index.html │ └── minimal.jpg │ ├── 02_a4lfailover │ ├── index.html │ └── minimal.jpg │ ├── A4L_VPC_v2.yaml │ ├── A4L_WEB.yaml │ └── bucket_policy.json ├── 11_CDN ├── .DS_Store ├── 00_LEARNINGAIDS │ └── placeholder.md └── placeholder.md ├── 12_NETWORK_SECURITY_RISK_COMPLIANCE ├── .DS_Store ├── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── URLFilter.png │ └── ipranges.png └── placeholder.md ├── 13_VPC_PEERING ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── EdgeRouting.png │ ├── EdgeRoutingPrivate.png │ ├── OverLappingCIDR2.png │ ├── OverlappingCIDR1.png │ ├── OverlappingCIDR3.png │ ├── TransitiveRouting.png │ └── VPCPeering.png ├── 14_HYBRIDNETWORKING_VIRTUAL ├── .DS_Store ├── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── ClientVPN1.png │ ├── ClientVPN2.png │ ├── IPSECvpn.png │ ├── IPSECvpn2.png │ ├── IPSECvpn3.png │ ├── IPSECvpn4.png │ ├── TGWRouting.png │ ├── VGWDeepDive.png │ └── VPNCloudHub.png ├── 01_Static_Site2SiteVPN │ └── placeholder.md ├── 02_Dynamic_Site2SiteVPN │ └── placeholder.md ├── 03_HybridNetwork_using_TGW │ └── placeholder.md ├── 04_ClientVPN │ └── placeholder.md └── 05_SoftwareVPN_using_OpenVPN │ └── placeholder.md ├── 15_HYBRIDNETWORKING_PHYSICAL ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── DXBFD.png │ ├── DXBGPCommunities.png │ ├── DXBGPSessonVLAN.png │ ├── DXConcepts.png │ ├── DXConnectionProcess.png │ ├── DXGateway2.png │ ├── DXGateway4.png │ ├── DXGateway5.png │ ├── DXGateway6.png │ ├── DXGateway7.png │ ├── DXMACSec.png │ ├── DXMACSec4.png │ ├── DXMACsec3.png │ ├── DXMacSec2.png │ ├── DXPrivateVIFS.png │ ├── DXPublicVIFS.png │ ├── DXPublicVIFVPN.png │ ├── DXgateway.png │ └── DXgateway3.png ├── 16_HYBRIDSERVICES ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── ADConnector.png │ ├── FSX.png │ ├── MIcrosoftAD.png │ ├── StorageGatewayFile1.png │ ├── StorageGatewayFile2.png │ ├── StorageGatewayVTL1.png │ ├── StorageGatewayVTL2.png │ ├── StorageGatewayVolume1.png │ ├── StorageGatewayVolume2.png │ └── Workspaces.png ├── 17_NETWORK_BILLING ├── .DS_Store └── 00_LEARNINGAIDS │ ├── .DS_Store │ ├── DirectConnectBilling1.png │ ├── DirectConnectBilling2.png │ ├── TransitGatewayBilling1.png │ └── TransitGatewayBilling2.png ├── 18_DR ├── .DS_Store ├── 00_LEARNINGAIDS │ └── placeholder.md └── placeholder.md ├── 19_EXAMPREP ├── .DS_Store ├── 00_LEARNINGAIDS │ └── placeholder.md └── placeholder.md ├── 20_FINISHINGUP ├── .DS_Store ├── 00_LEARNINGAIDS │ └── placeholder.md └── placeholder.md ├── LICENSE ├── README.md └── VPCMasterTemplate.yaml /.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/.DS_Store -------------------------------------------------------------------------------- /01_INTRODUCTION/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/01_INTRODUCTION/.DS_Store -------------------------------------------------------------------------------- /01_INTRODUCTION/00_LEARNINGAIDS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/01_INTRODUCTION/00_LEARNINGAIDS/placeholder.md -------------------------------------------------------------------------------- /01_INTRODUCTION/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/01_INTRODUCTION/placeholder.md -------------------------------------------------------------------------------- /02_COURSEFUNDAMENTALS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/02_COURSEFUNDAMENTALS/.DS_Store -------------------------------------------------------------------------------- /02_COURSEFUNDAMENTALS/00_LEARNINGAIDS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/02_COURSEFUNDAMENTALS/00_LEARNINGAIDS/placeholder.md -------------------------------------------------------------------------------- /02_COURSEFUNDAMENTALS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/02_COURSEFUNDAMENTALS/placeholder.md -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/.DS_Store -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS1.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS3.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/DDOS4.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/FibreCable1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/FibreCable1.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/FibreCable2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/FibreCable2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/IPAddressing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/IPAddressing.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/JumboFrames.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/JumboFrames.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer1Physical.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer1Physical.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer1Physical2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer1Physical2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink3.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink4.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer2DataLink5.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network3.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network4.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer3Network5.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport3.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer4Transport4.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer5Session.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/Layer5Session.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/NAT1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/NAT1.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/NAT2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/NAT2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/NAT3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/NAT3.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/OSI7LayerModel.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/OSI7LayerModel.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/SSLandTLS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/SSLandTLS.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/SubnetMask.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/SubnetMask.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN1.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN2.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN3.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN4.png -------------------------------------------------------------------------------- /03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/03_NETWORKING_FUNDAMENTALS/00_LEARNINGAIDS/VLAN5.png -------------------------------------------------------------------------------- /04_VPC/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/.DS_Store -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/DHCPinaVPC.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/DHCPinaVPC.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/IPPlanning1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/IPPlanning1.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/IPPlanning2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/IPPlanning2.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/IPPlanning3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/IPPlanning3.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/NACL1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/NACL1.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/NACL2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/NACL2.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/SecurityGroups1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/SecurityGroups1.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/SecurityGroups2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/SecurityGroups2.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/SecurityGroups3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/SecurityGroups3.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/SecurityGroups4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/SecurityGroups4.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/StatefulvsStateless1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/StatefulvsStateless1.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/StatefulvsStateless2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/StatefulvsStateless2.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/StatefulvsStateless3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/StatefulvsStateless3.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/StatefulvsStateless4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/StatefulvsStateless4.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/StatefulvsStateless5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/StatefulvsStateless5.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/VPCFlowLogs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/VPCFlowLogs.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/VPCFlowLogs2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/VPCFlowLogs2.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/VPCRefresher.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/VPCRefresher.png -------------------------------------------------------------------------------- /04_VPC/00_LEARNINGAIDS/VPCRouter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/00_LEARNINGAIDS/VPCRouter.png -------------------------------------------------------------------------------- /04_VPC/IP_Range_Planning/A4L_IPPlan.numbers: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/IP_Range_Planning/A4L_IPPlan.numbers -------------------------------------------------------------------------------- /04_VPC/IP_Range_Planning/A4L_IPPlan.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/IP_Range_Planning/A4L_IPPlan.pdf -------------------------------------------------------------------------------- /04_VPC/IP_Range_Planning/A4L_IPPlan.xlsx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/04_VPC/IP_Range_Planning/A4L_IPPlan.xlsx -------------------------------------------------------------------------------- /04_VPC/VPC_Subnets/subnets.txt: -------------------------------------------------------------------------------- 1 | NAME CIDR AZ CustomIPv6Value 2 | 3 | sn-reserved-A 10.16.0.0/20 AZA IPv6 00 4 | sn-db-A 10.16.16.0/20 AZA IPv6 01 5 | sn-app-A 10.16.32.0/20 AZA IPv6 02 6 | sn-web-A 10.16.48.0/20 AZA IPv6 03 7 | 8 | sn-reserved-B 10.16.64.0/20 AZB IPv6 04 9 | sn-db-B 10.16.80.0/20 AZB IPv6 05 10 | sn-app-B 10.16.96.0/20 AZB IPv6 06 11 | sn-web-B 10.16.112.0/20 AZB IPv6 07 12 | 13 | sn-reserved-C 10.16.128.0/20 AZC IPv6 08 14 | sn-db-C 10.16.144.0/20 AZC IPv6 09 15 | sn-app-C 10.16.160.0/20 AZC IPv6 0A 16 | sn-web-C 10.16.176.0/20 AZC IPv6 0B 17 | 18 | Remember to enable auto assign ipv6 on every subnet you create. -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/.DS_Store -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP1.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP2.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP3.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BYOIP4.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BastionHosts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/BastionHosts.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/IGW1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/IGW1.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/IGW2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/IGW2.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/IGW3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/IGW3.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/NAT1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/NAT1.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/NAT2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/NAT2.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/NAT3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/00_LEARNINGAIDS/NAT3.png -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/IPv6_Migration/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/IPv6_Migration/.DS_Store -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/IPv6_Migration/IPv6Migration.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: "2010-09-09" 2 | Description: "A4L IPv6 Migration Demo" 3 | Parameters: 4 | VPCCIDR: 5 | Type: "String" 6 | Description: "IP Address range for the VPC" 7 | MinLength: "9" 8 | MaxLength: "18" 9 | Default: "10.16.0.0/16" 10 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 11 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 12 | RESERVEDACIDR: 13 | Type: "String" 14 | Description: "IP Address range for A4L-SN-Reserved-A Subnet" 15 | MinLength: "9" 16 | MaxLength: "18" 17 | Default: "10.16.0.0/20" 18 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 19 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 20 | DBACIDR: 21 | Type: "String" 22 | Description: "IP Address range for A4L-SN-DB-A Subnet" 23 | MinLength: "9" 24 | MaxLength: "18" 25 | Default: "10.16.16.0/20" 26 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 27 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 28 | PRIVACIDR: 29 | Type: "String" 30 | Description: "IP Address range for A4L-SN-PRIV-A Subnet" 31 | MinLength: "9" 32 | MaxLength: "18" 33 | Default: "10.16.32.0/20" 34 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 35 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 36 | PUBACIDR: 37 | Type: "String" 38 | Description: "IP Address range for A4L-SN-PUB-A Subnet" 39 | MinLength: "9" 40 | MaxLength: "18" 41 | Default: "10.16.48.0/20" 42 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 43 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 44 | RESERVEDBCIDR: 45 | Type: "String" 46 | Description: "IP Address range for A4L-SN-Reserved-B Subnet" 47 | MinLength: "9" 48 | MaxLength: "18" 49 | Default: "10.16.64.0/20" 50 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 51 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 52 | DBBCIDR: 53 | Type: "String" 54 | Description: "IP Address range for A4L-SN-DB-B Subnet" 55 | MinLength: "9" 56 | MaxLength: "18" 57 | Default: "10.16.80.0/20" 58 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 59 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 60 | PRIVBCIDR: 61 | Type: "String" 62 | Description: "IP Address range for A4L-SN-PRIV-B Subnet" 63 | MinLength: "9" 64 | MaxLength: "18" 65 | Default: "10.16.96.0/20" 66 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 67 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 68 | PUBBCIDR: 69 | Type: "String" 70 | Description: "IP Address range for A4L-SN-PUB-B Subnet" 71 | MinLength: "9" 72 | MaxLength: "18" 73 | Default: "10.16.112.0/20" 74 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 75 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 76 | RESERVEDCCIDR: 77 | Type: "String" 78 | Description: "IP Address range for A4L-SN-Reserved-C Subnet" 79 | MinLength: "9" 80 | MaxLength: "18" 81 | Default: "10.16.128.0/20" 82 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 83 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 84 | DBCCIDR: 85 | Type: "String" 86 | Description: "IP Address range for A4L-SN-DB-C Subnet" 87 | MinLength: "9" 88 | MaxLength: "18" 89 | Default: "10.16.144.0/20" 90 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 91 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 92 | PRIVCCIDR: 93 | Type: "String" 94 | Description: "IP Address range for A4L-SN-PRIV-C Subnet" 95 | MinLength: "9" 96 | MaxLength: "18" 97 | Default: "10.16.160.0/20" 98 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 99 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 100 | PUBCCIDR: 101 | Type: "String" 102 | Description: "IP Address range for A4L-SN-PUB-C Subnet" 103 | MinLength: "9" 104 | MaxLength: "18" 105 | Default: "10.16.176.0/20" 106 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 107 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 108 | AddSSMEndpoints: 109 | Type: "String" 110 | Description: "Create SSM Endpoints for public and private instance management" 111 | AllowedValues: 112 | - true 113 | Default: true 114 | LatestAmiId: 115 | Description: AMI for any EC2 Instances (if applicable) (default is latest AmaLinux2) 116 | Type: 'AWS::SSM::Parameter::Value' 117 | Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' 118 | Ubuntu16AmiId: 119 | Description: Ubuntu 16 AMI for any EC2 Instances (if applicable) 120 | Type: 'AWS::SSM::Parameter::Value' 121 | Default: '/aws/service/canonical/ubuntu/server/16.04/stable/20210429/arm64/hvm/ebs-gp2/ami-id' 122 | Metadata: 123 | AWS::CloudFormation::Interface: 124 | ParameterGroups: 125 | - 126 | Label: 127 | default: "VPC Configuration" 128 | Parameters: 129 | - VPCCIDR 130 | - 131 | Label: 132 | default: "AZA" 133 | Parameters: 134 | - RESERVEDACIDR 135 | - DBACIDR 136 | - PRIVACIDR 137 | - PUBACIDR 138 | - 139 | Label: 140 | default: "AZB" 141 | Parameters: 142 | - RESERVEDBCIDR 143 | - DBBCIDR 144 | - PRIVBCIDR 145 | - PUBBCIDR 146 | - 147 | Label: 148 | default: "AZC" 149 | Parameters: 150 | - RESERVEDCCIDR 151 | - DBCCIDR 152 | - PRIVCCIDR 153 | - PUBCCIDR 154 | Conditions: 155 | CreateSSMEndpoints: !Equals 156 | - !Ref AddSSMEndpoints 157 | - true 158 | Resources: 159 | VPC: 160 | Type: "AWS::EC2::VPC" 161 | Properties: 162 | EnableDnsSupport: true 163 | EnableDnsHostnames: true 164 | CidrBlock: !Ref VPCCIDR 165 | Tags: 166 | - Key: "Name" 167 | Value: !Sub "${AWS::StackName}-VPC" 168 | IGW: 169 | Type: AWS::EC2::InternetGateway 170 | Properties: 171 | Tags: 172 | - Key: "Name" 173 | Value: !Sub "${AWS::StackName}-IGW" 174 | IGWAttachments: 175 | Type: AWS::EC2::VPCGatewayAttachment 176 | Properties: 177 | InternetGatewayId: !Ref IGW 178 | VpcId: !Ref VPC 179 | SubnetReservedA: 180 | Type: AWS::EC2::Subnet 181 | Properties: 182 | VpcId: !Ref VPC 183 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 184 | CidrBlock: !Ref RESERVEDACIDR 185 | Tags: 186 | - Key: Name 187 | Value: !Sub "${AWS::StackName}-SN-Reserved-A" 188 | SubnetDBA: 189 | Type: AWS::EC2::Subnet 190 | Properties: 191 | VpcId: !Ref VPC 192 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 193 | CidrBlock: !Ref DBACIDR 194 | Tags: 195 | - Key: Name 196 | Value: !Sub "${AWS::StackName}-SN-DB-A" 197 | SubnetPrivA: 198 | Type: AWS::EC2::Subnet 199 | Properties: 200 | VpcId: !Ref VPC 201 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 202 | CidrBlock: !Ref PRIVACIDR 203 | Tags: 204 | - Key: Name 205 | Value: !Sub "${AWS::StackName}-SN-PRIV-A" 206 | SubnetPubA: 207 | Type: AWS::EC2::Subnet 208 | Properties: 209 | VpcId: !Ref VPC 210 | MapPublicIpOnLaunch: true 211 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 212 | CidrBlock: !Ref PUBACIDR 213 | Tags: 214 | - Key: Name 215 | Value: !Sub "${AWS::StackName}-SN-PUB-A" 216 | SubnetReservedB: 217 | Type: AWS::EC2::Subnet 218 | Properties: 219 | VpcId: !Ref VPC 220 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 221 | CidrBlock: !Ref RESERVEDBCIDR 222 | Tags: 223 | - Key: Name 224 | Value: !Sub "${AWS::StackName}-SN-Reserved-B" 225 | SubnetDBB: 226 | Type: AWS::EC2::Subnet 227 | Properties: 228 | VpcId: !Ref VPC 229 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 230 | CidrBlock: !Ref DBBCIDR 231 | Tags: 232 | - Key: Name 233 | Value: !Sub "${AWS::StackName}-SN-DB-B" 234 | SubnetPrivB: 235 | Type: AWS::EC2::Subnet 236 | Properties: 237 | VpcId: !Ref VPC 238 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 239 | CidrBlock: !Ref PRIVBCIDR 240 | Tags: 241 | - Key: Name 242 | Value: !Sub "${AWS::StackName}-SN-PRIV-B" 243 | SubnetPubB: 244 | Type: AWS::EC2::Subnet 245 | Properties: 246 | MapPublicIpOnLaunch: true 247 | VpcId: !Ref VPC 248 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 249 | CidrBlock: !Ref PUBBCIDR 250 | Tags: 251 | - Key: Name 252 | Value: !Sub "${AWS::StackName}-SN-PUB-B" 253 | SubnetReservedC: 254 | Type: AWS::EC2::Subnet 255 | Properties: 256 | VpcId: !Ref VPC 257 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 258 | CidrBlock: !Ref RESERVEDCCIDR 259 | Tags: 260 | - Key: Name 261 | Value: !Sub "${AWS::StackName}-SN-Reserved-C" 262 | SubnetDBC: 263 | Type: AWS::EC2::Subnet 264 | Properties: 265 | VpcId: !Ref VPC 266 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 267 | CidrBlock: !Ref DBCCIDR 268 | Tags: 269 | - Key: Name 270 | Value: !Sub "${AWS::StackName}-SN-DB-C" 271 | SubnetPrivC: 272 | Type: AWS::EC2::Subnet 273 | Properties: 274 | VpcId: !Ref VPC 275 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 276 | CidrBlock: !Ref PRIVCCIDR 277 | Tags: 278 | - Key: Name 279 | Value: !Sub "${AWS::StackName}-SN-PRIV-C" 280 | SubnetPubC: 281 | Type: AWS::EC2::Subnet 282 | Properties: 283 | MapPublicIpOnLaunch: true 284 | VpcId: !Ref VPC 285 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 286 | CidrBlock: !Ref PUBCCIDR 287 | Tags: 288 | - Key: Name 289 | Value: !Sub "${AWS::StackName}-SN-PUB-C" 290 | RTRESERVEDA: 291 | Type: 'AWS::EC2::RouteTable' 292 | Properties: 293 | VpcId: !Ref VPC 294 | Tags: 295 | - Key: Name 296 | Value: !Sub "${AWS::StackName}-RT-Reserved-A" 297 | RTDBA: 298 | Type: 'AWS::EC2::RouteTable' 299 | Properties: 300 | VpcId: !Ref VPC 301 | Tags: 302 | - Key: Name 303 | Value: !Sub "${AWS::StackName}-RT-DB-A" 304 | RTPRIVA: 305 | Type: 'AWS::EC2::RouteTable' 306 | Properties: 307 | VpcId: !Ref VPC 308 | Tags: 309 | - Key: Name 310 | Value: !Sub "${AWS::StackName}-RT-PRIV-A" 311 | RTPUBA: 312 | Type: 'AWS::EC2::RouteTable' 313 | Properties: 314 | VpcId: !Ref VPC 315 | Tags: 316 | - Key: Name 317 | Value: !Sub "${AWS::StackName}-RT-PUB-A" 318 | RTRESERVEDB: 319 | Type: 'AWS::EC2::RouteTable' 320 | Properties: 321 | VpcId: !Ref VPC 322 | Tags: 323 | - Key: Name 324 | Value: !Sub "${AWS::StackName}-RT-Reserved-B" 325 | RTDBB: 326 | Type: 'AWS::EC2::RouteTable' 327 | Properties: 328 | VpcId: !Ref VPC 329 | Tags: 330 | - Key: Name 331 | Value: !Sub "${AWS::StackName}-RT-DB-B" 332 | RTPRIVB: 333 | Type: 'AWS::EC2::RouteTable' 334 | Properties: 335 | VpcId: !Ref VPC 336 | Tags: 337 | - Key: Name 338 | Value: !Sub "${AWS::StackName}-RT-PRIV-B" 339 | RTPUBB: 340 | Type: 'AWS::EC2::RouteTable' 341 | Properties: 342 | VpcId: !Ref VPC 343 | Tags: 344 | - Key: Name 345 | Value: !Sub "${AWS::StackName}-RT-PUB-B" 346 | RTRESERVEDC: 347 | Type: 'AWS::EC2::RouteTable' 348 | Properties: 349 | VpcId: !Ref VPC 350 | Tags: 351 | - Key: Name 352 | Value: !Sub "${AWS::StackName}-RT-Reserved-C" 353 | RTDBC: 354 | Type: 'AWS::EC2::RouteTable' 355 | Properties: 356 | VpcId: !Ref VPC 357 | Tags: 358 | - Key: Name 359 | Value: !Sub "${AWS::StackName}-RT-DB-C" 360 | RTPRIVC: 361 | Type: 'AWS::EC2::RouteTable' 362 | Properties: 363 | VpcId: !Ref VPC 364 | Tags: 365 | - Key: Name 366 | Value: !Sub "${AWS::StackName}-RT-PRIV-C" 367 | RTPUBC: 368 | Type: 'AWS::EC2::RouteTable' 369 | Properties: 370 | VpcId: !Ref VPC 371 | Tags: 372 | - Key: Name 373 | Value: !Sub "${AWS::StackName}-RT-PUB-C" 374 | DefaultRouteIPv4PUBA: 375 | Type : AWS::EC2::Route 376 | Properties: 377 | DestinationCidrBlock: 0.0.0.0/0 378 | GatewayId: !Ref IGW 379 | RouteTableId: !Ref RTPUBA 380 | DefaultRouteIPv4PUBB: 381 | Type : AWS::EC2::Route 382 | Properties: 383 | DestinationCidrBlock: 0.0.0.0/0 384 | GatewayId: !Ref IGW 385 | RouteTableId: !Ref RTPUBB 386 | DefaultRouteIPv4PUBC: 387 | Type : AWS::EC2::Route 388 | Properties: 389 | DestinationCidrBlock: 0.0.0.0/0 390 | GatewayId: !Ref IGW 391 | RouteTableId: !Ref RTPUBC 392 | RTAssociationRESERVEDA: 393 | Type: AWS::EC2::SubnetRouteTableAssociation 394 | Properties: 395 | SubnetId: !Ref SubnetReservedA 396 | RouteTableId: !Ref RTRESERVEDA 397 | RTAssociationDBA: 398 | Type: AWS::EC2::SubnetRouteTableAssociation 399 | Properties: 400 | SubnetId: !Ref SubnetDBA 401 | RouteTableId: !Ref RTDBA 402 | RTAssociationPRIVA: 403 | Type: AWS::EC2::SubnetRouteTableAssociation 404 | Properties: 405 | SubnetId: !Ref SubnetPrivA 406 | RouteTableId: !Ref RTPRIVA 407 | RTAssociationPUBA: 408 | Type: AWS::EC2::SubnetRouteTableAssociation 409 | Properties: 410 | SubnetId: !Ref SubnetPubA 411 | RouteTableId: !Ref RTPUBA 412 | RTAssociationRESERVEDB: 413 | Type: AWS::EC2::SubnetRouteTableAssociation 414 | Properties: 415 | SubnetId: !Ref SubnetReservedB 416 | RouteTableId: !Ref RTRESERVEDB 417 | RTAssociationDBB: 418 | Type: AWS::EC2::SubnetRouteTableAssociation 419 | Properties: 420 | SubnetId: !Ref SubnetDBB 421 | RouteTableId: !Ref RTDBB 422 | RTAssociationPRIVB: 423 | Type: AWS::EC2::SubnetRouteTableAssociation 424 | Properties: 425 | SubnetId: !Ref SubnetPrivB 426 | RouteTableId: !Ref RTPRIVB 427 | RTAssociationPUBB: 428 | Type: AWS::EC2::SubnetRouteTableAssociation 429 | Properties: 430 | SubnetId: !Ref SubnetPubB 431 | RouteTableId: !Ref RTPUBB 432 | RTAssociationRESERVEDC: 433 | Type: AWS::EC2::SubnetRouteTableAssociation 434 | Properties: 435 | SubnetId: !Ref SubnetReservedC 436 | RouteTableId: !Ref RTRESERVEDC 437 | RTAssociationDBC: 438 | Type: AWS::EC2::SubnetRouteTableAssociation 439 | Properties: 440 | SubnetId: !Ref SubnetDBC 441 | RouteTableId: !Ref RTDBC 442 | RTAssociationPRIVC: 443 | Type: AWS::EC2::SubnetRouteTableAssociation 444 | Properties: 445 | SubnetId: !Ref SubnetPrivC 446 | RouteTableId: !Ref RTPRIVC 447 | RTAssociationPUBC: 448 | Type: AWS::EC2::SubnetRouteTableAssociation 449 | Properties: 450 | SubnetId: !Ref SubnetPubC 451 | RouteTableId: !Ref RTPUBC 452 | ssminterfaceendpoint: 453 | Type: AWS::EC2::VPCEndpoint 454 | Condition: CreateSSMEndpoints 455 | Properties: 456 | VpcEndpointType: "Interface" 457 | PrivateDnsEnabled: "True" 458 | SubnetIds: 459 | - !Ref SubnetPrivA 460 | - !Ref SubnetPrivB 461 | - !Ref SubnetPrivC 462 | SecurityGroupIds: 463 | - !Ref GeneralSGIPv4 464 | ServiceName: !Sub com.amazonaws.${AWS::Region}.ssm 465 | VpcId: !Ref VPC 466 | ssmec2messagesinterfaceendpoint: 467 | Type: AWS::EC2::VPCEndpoint 468 | Condition: CreateSSMEndpoints 469 | Properties: 470 | VpcEndpointType: "Interface" 471 | PrivateDnsEnabled: "True" 472 | SubnetIds: 473 | - !Ref SubnetPrivA 474 | - !Ref SubnetPrivB 475 | - !Ref SubnetPrivC 476 | SecurityGroupIds: 477 | - !Ref GeneralSGIPv4 478 | ServiceName: !Sub com.amazonaws.${AWS::Region}.ec2messages 479 | VpcId: !Ref VPC 480 | ssmmessagesinterfaceendpoint: 481 | Type: AWS::EC2::VPCEndpoint 482 | Condition: CreateSSMEndpoints 483 | Properties: 484 | VpcEndpointType: "Interface" 485 | PrivateDnsEnabled: "True" 486 | SubnetIds: 487 | - !Ref SubnetPrivA 488 | - !Ref SubnetPrivB 489 | - !Ref SubnetPrivC 490 | SecurityGroupIds: 491 | - !Ref GeneralSGIPv4 492 | ServiceName: !Sub com.amazonaws.${AWS::Region}.ssmmessages 493 | VpcId: !Ref VPC 494 | GeneralSGIPv4: 495 | Type: 'AWS::EC2::SecurityGroup' 496 | Properties: 497 | VpcId: !Ref VPC 498 | GroupDescription: Default A4L AWS SG 499 | SecurityGroupIngress: 500 | - Description: 'Allow SSH IPv4 IN' 501 | IpProtocol: tcp 502 | FromPort: '22' 503 | ToPort: '22' 504 | CidrIp: '0.0.0.0/0' 505 | - Description: 'Allow HTTP IPv4 IN' 506 | IpProtocol: tcp 507 | FromPort: '80' 508 | ToPort: '80' 509 | CidrIp: '0.0.0.0/0' 510 | SecurityGroupEgress: 511 | - Description: 'Allow all IPv4 Out' 512 | CidrIp: 0.0.0.0/0 513 | IpProtocol: "-1" 514 | GeneralSGIPv4SelfReferenceRule: 515 | Type: "AWS::EC2::SecurityGroupIngress" 516 | Properties: 517 | GroupId: !Ref GeneralSGIPv4 518 | IpProtocol: '-1' 519 | SourceSecurityGroupId: !Ref GeneralSGIPv4 520 | NetworkAclPublic: 521 | Type: 'AWS::EC2::NetworkAcl' 522 | Properties: 523 | VpcId: !Ref VPC 524 | Tags: 525 | - Key: Name 526 | Value: A4L-NACL-PUBLIC 527 | NetworkAclPrivate: 528 | Type: 'AWS::EC2::NetworkAcl' 529 | Properties: 530 | VpcId: !Ref VPC 531 | Tags: 532 | - Key: Name 533 | Value: A4L-NACL-PRIVATE 534 | SubnetNetworkAclAssociationRESERVEDA: 535 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 536 | Properties: 537 | SubnetId: !Ref SubnetReservedA 538 | NetworkAclId: !Ref NetworkAclPrivate 539 | SubnetNetworkAclAssociationDBA: 540 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 541 | Properties: 542 | SubnetId: !Ref SubnetDBA 543 | NetworkAclId: !Ref NetworkAclPrivate 544 | SubnetNetworkAclAssociationPrivA: 545 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 546 | Properties: 547 | SubnetId: !Ref SubnetPrivA 548 | NetworkAclId: !Ref NetworkAclPrivate 549 | SubnetNetworkAclAssociationPubA: 550 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 551 | Properties: 552 | SubnetId: !Ref SubnetPubA 553 | NetworkAclId: !Ref NetworkAclPublic 554 | SubnetNetworkAclAssociationRESERVEDB: 555 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 556 | Properties: 557 | SubnetId: !Ref SubnetReservedB 558 | NetworkAclId: !Ref NetworkAclPrivate 559 | SubnetNetworkAclAssociationDBB: 560 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 561 | Properties: 562 | SubnetId: !Ref SubnetDBB 563 | NetworkAclId: !Ref NetworkAclPrivate 564 | SubnetNetworkAclAssociationPrivB: 565 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 566 | Properties: 567 | SubnetId: !Ref SubnetPrivB 568 | NetworkAclId: !Ref NetworkAclPrivate 569 | SubnetNetworkAclAssociationPubB: 570 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 571 | Properties: 572 | SubnetId: !Ref SubnetPubB 573 | NetworkAclId: !Ref NetworkAclPublic 574 | SubnetNetworkAclAssociationRESERVEDC: 575 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 576 | Properties: 577 | SubnetId: !Ref SubnetReservedC 578 | NetworkAclId: !Ref NetworkAclPrivate 579 | SubnetNetworkAclAssociationDBC: 580 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 581 | Properties: 582 | SubnetId: !Ref SubnetDBC 583 | NetworkAclId: !Ref NetworkAclPrivate 584 | SubnetNetworkAclAssociationPrivC: 585 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 586 | Properties: 587 | SubnetId: !Ref SubnetPrivC 588 | NetworkAclId: !Ref NetworkAclPrivate 589 | SubnetNetworkAclAssociationPubC: 590 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 591 | Properties: 592 | SubnetId: !Ref SubnetPubC 593 | NetworkAclId: !Ref NetworkAclPublic 594 | NACLPubAllowAllIPv4In: 595 | Type: 'AWS::EC2::NetworkAclEntry' 596 | Properties: 597 | NetworkAclId: !Ref NetworkAclPublic 598 | RuleNumber: 100 599 | Protocol: -1 600 | RuleAction: allow 601 | Egress: false 602 | CidrBlock: '0.0.0.0/0' 603 | NACLPrivAllowAllIPv4In: 604 | Type: 'AWS::EC2::NetworkAclEntry' 605 | Properties: 606 | NetworkAclId: !Ref NetworkAclPrivate 607 | RuleNumber: 100 608 | Protocol: -1 609 | RuleAction: allow 610 | Egress: false 611 | CidrBlock: '0.0.0.0/0' 612 | NACLPubAllowAllIPv4Out: 613 | Type: 'AWS::EC2::NetworkAclEntry' 614 | Properties: 615 | NetworkAclId: !Ref NetworkAclPublic 616 | RuleNumber: 100 617 | Protocol: -1 618 | RuleAction: allow 619 | Egress: true 620 | CidrBlock: '0.0.0.0/0' 621 | NACLPrivAllowAllIPv4Out: 622 | Type: 'AWS::EC2::NetworkAclEntry' 623 | Properties: 624 | NetworkAclId: !Ref NetworkAclPrivate 625 | RuleNumber: 100 626 | Protocol: -1 627 | RuleAction: allow 628 | Egress: true 629 | CidrBlock: '0.0.0.0/0' 630 | SessionManagerRole: 631 | Type: 'AWS::IAM::Role' 632 | Properties: 633 | AssumeRolePolicyDocument: 634 | Version: 2012-10-17 635 | Statement: 636 | - Effect: Allow 637 | Principal: 638 | Service: 639 | - ec2.amazonaws.com 640 | Action: 641 | - 'sts:AssumeRole' 642 | Path: / 643 | Policies: 644 | - PolicyName: root 645 | PolicyDocument: 646 | Version: 2012-10-17 647 | Statement: 648 | - Effect: Allow 649 | Action: 650 | - 'ssm:DescribeAssociation' 651 | - 'ssm:GetDeployablePatchSnapshotForInstance' 652 | - 'ssm:GetDocument' 653 | - 'ssm:DescribeDocument' 654 | - 'ssm:GetManifest' 655 | - 'ssm:GetParameter' 656 | - 'ssm:GetParameters' 657 | - 'ssm:ListAssociations' 658 | - 'ssm:ListInstanceAssociations' 659 | - 'ssm:PutInventory' 660 | - 'ssm:PutComplianceItems' 661 | - 'ssm:PutConfigurePackageResult' 662 | - 'ssm:UpdateAssociationStatus' 663 | - 'ssm:UpdateInstanceAssociationStatus' 664 | - 'ssm:UpdateInstanceInformation' 665 | Resource: '*' 666 | - Effect: Allow 667 | Action: 668 | - 'ssmmessages:CreateControlChannel' 669 | - 'ssmmessages:CreateDataChannel' 670 | - 'ssmmessages:OpenControlChannel' 671 | - 'ssmmessages:OpenDataChannel' 672 | Resource: '*' 673 | - Effect: Allow 674 | Action: 675 | - 'ec2messages:AcknowledgeMessage' 676 | - 'ec2messages:DeleteMessage' 677 | - 'ec2messages:FailMessage' 678 | - 'ec2messages:GetEndpoint' 679 | - 'ec2messages:GetMessages' 680 | - 'ec2messages:SendReply' 681 | Resource: '*' 682 | SessionManagerInstanceProfile: 683 | Type: 'AWS::IAM::InstanceProfile' 684 | Properties: 685 | Path: / 686 | Roles: 687 | - !Ref SessionManagerRole 688 | IPv4PublicEC2: 689 | Type: AWS::EC2::Instance 690 | Properties: 691 | InstanceType: "t2.micro" 692 | ImageId: !Ref LatestAmiId 693 | IamInstanceProfile: !Ref SessionManagerInstanceProfile 694 | SubnetId: !Ref SubnetPubA 695 | SecurityGroupIds: 696 | - !Ref GeneralSGIPv4 697 | Tags: 698 | - Key: Name 699 | Value: A4L-IPv4PublicEC2 700 | UserData: 701 | Fn::Base64: !Sub | 702 | #!/bin/bash -xe 703 | yum -y update 704 | yum install -y httpd wget git 705 | cd /tmp 706 | git clone https://github.com/acantril/aws-advancednetworking-specialty.git 707 | cp ./aws-advancednetworking-specialty/07_VPC_PUBLIC_NETWORKING/IPv6_Migration/website/* /var/www/html 708 | usermod -a -G apache ec2-user 709 | chown -R ec2-user:apache /var/www 710 | chmod 2775 /var/www 711 | find /var/www -type d -exec chmod 2775 {} \; 712 | find /var/www -type f -exec chmod 0664 {} \; 713 | systemctl enable httpd 714 | systemctl start httpd 715 | IPv4PrivateEC2: 716 | Type: AWS::EC2::Instance 717 | Properties: 718 | InstanceType: "t2.micro" 719 | ImageId: !Ref LatestAmiId 720 | IamInstanceProfile: !Ref SessionManagerInstanceProfile 721 | SubnetId: !Ref SubnetPrivA 722 | SecurityGroupIds: 723 | - !Ref GeneralSGIPv4 724 | Tags: 725 | - Key: Name 726 | Value: A4L-IPv4PrivateEC2 727 | IPv4PrivateEC2Ubuntu: 728 | Type: AWS::EC2::Instance 729 | Properties: 730 | InstanceType: "t2.micro" 731 | ImageId: !Ref Ubuntu16AmiId 732 | IamInstanceProfile: !Ref SessionManagerInstanceProfile 733 | SubnetId: !Ref SubnetPrivA 734 | SecurityGroupIds: 735 | - !Ref GeneralSGIPv4 736 | Tags: 737 | - Key: Name 738 | Value: A4L-IPv4PrivateEC2Ubuntu 739 | 740 | -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/IPv6_Migration/website/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | Animals4life.org Super Minimal Homepage 4 | 5 | 6 |

Animals4Life.org Super Minimal Homepage

7 |
8 | 9 | -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/IPv6_Migration/website/minimal.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/IPv6_Migration/website/minimal.jpg -------------------------------------------------------------------------------- /05_VPC_PUBLIC_NETWORKING/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/05_VPC_PUBLIC_NETWORKING/placeholder.md -------------------------------------------------------------------------------- /06_VPC_ENDPOINTS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/06_VPC_ENDPOINTS/.DS_Store -------------------------------------------------------------------------------- /06_VPC_ENDPOINTS/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/06_VPC_ENDPOINTS/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /06_VPC_ENDPOINTS/00_LEARNINGAIDS/GatewayEndpoints.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/06_VPC_ENDPOINTS/00_LEARNINGAIDS/GatewayEndpoints.png -------------------------------------------------------------------------------- /06_VPC_ENDPOINTS/00_LEARNINGAIDS/InterfaceEndpoints.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/06_VPC_ENDPOINTS/00_LEARNINGAIDS/InterfaceEndpoints.png -------------------------------------------------------------------------------- /06_VPC_ENDPOINTS/00_LEARNINGAIDS/PrivateLink.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/06_VPC_ENDPOINTS/00_LEARNINGAIDS/PrivateLink.png -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/.DS_Store -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EFA1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EFA1.png -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EFA2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EFA2.png -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking1.png -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking2.png -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking3.png -------------------------------------------------------------------------------- /07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/07_EC2_and_VPC_NETWORKING_DEEPDIVE/00_LEARNINGAIDS/EnhancedNetworking4.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/.DS_Store -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormation-NestedStacks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormation-NestedStacks.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationConditions.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationConditions.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationDependsOn.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationDependsOn.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions1.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions2.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions3.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions4.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationFunctions5.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationLogicalAndPhysicalResources.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationLogicalAndPhysicalResources.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationLogicalAndPhysicalResources2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationLogicalAndPhysicalResources2.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationMappings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationMappings.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationOutputs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationOutputs.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationPseudoParameters.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationPseudoParameters.png -------------------------------------------------------------------------------- /08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationTemplateParameters.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/08_NETWORK_AUTOMATION/00_LEARNINGAIDS/CloudFormationTemplateParameters.png -------------------------------------------------------------------------------- /09_ELB/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/.DS_Store -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/ALBArchitecture1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/ALBArchitecture1.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/ALBArchitecture2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/ALBArchitecture2.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/ALBArchitecture3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/ALBArchitecture3.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/ELBArchitecture1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/ELBArchitecture1.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/ELBArchitecture2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/ELBArchitecture2.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/ELBArchitecture3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/ELBArchitecture3.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/GWLB1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/GWLB1.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/GWLB2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/GWLB2.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/GWLB3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/GWLB3.png -------------------------------------------------------------------------------- /09_ELB/00_LEARNINGAIDS/XForwardedFor&Proxy.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/09_ELB/00_LEARNINGAIDS/XForwardedFor&Proxy.png -------------------------------------------------------------------------------- /10_R53/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/.DS_Store -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFront3rdPartyGeoLocation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFront3rdPartyGeoLocation.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontArchitecture1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontArchitecture1.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontArchitecture2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontArchitecture2.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontGeoRestriction.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontGeoRestriction.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontSSLSNI.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontSSLSNI.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent1.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent2.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent3.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontSecuringContent4.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/CloudFrontTTL.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/CloudFrontTTL.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/FieldLevelEncryption1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/FieldLevelEncryption1.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/FieldLevelEncryption2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/FieldLevelEncryption2.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/LambdaAtEdge.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/LambdaAtEdge.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Failover.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Failover.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53GeoProximity.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53GeoProximity.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Geolocation.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Geolocation.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53HealthChecks.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53HealthChecks.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Interoperability1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Interoperability1.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Interoperability2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Interoperability2.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Interoperability3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Interoperability3.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Latency.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Latency.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53MultiValue.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53MultiValue.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53PrivateZones.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53PrivateZones.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53PublicZones.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53PublicZones.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Simple.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Simple.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53SplitView.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53SplitView.png -------------------------------------------------------------------------------- /10_R53/00_LEARNINGAIDS/R53Weighted.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/00_LEARNINGAIDS/R53Weighted.png -------------------------------------------------------------------------------- /10_R53/01_Public_hosted_zones/lesson_commands.txt: -------------------------------------------------------------------------------- 1 | Clearing DNS Cache macOS : sudo killall -HUP mDNSResponder 2 | 3 | Clearing DNS Cache Windows: ipconfig /flushdns 4 | 5 | Clearing DNS Cache Ubuntu : sudo /etc/init.d/dns-clean restart -------------------------------------------------------------------------------- /10_R53/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/placeholder.md -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/01_a4lwebsite/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | Animals4life.org Super Minimal Homepage 4 | 5 | 6 |

Animals4Life.org Super Minimal Homepage

7 |
8 | 9 | -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/01_a4lwebsite/minimal.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/r53_zones_and_failover/01_a4lwebsite/minimal.jpg -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/02_a4lfailover/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | Animals4life.org Super Minimal FailoverPage 4 | 5 | 6 |

Animals4Life.org Super Minimal FailoverPage

7 |
8 | 9 | -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/02_a4lfailover/minimal.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/10_R53/r53_zones_and_failover/02_a4lfailover/minimal.jpg -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/A4L_VPC_v2.yaml: -------------------------------------------------------------------------------- 1 | 2 | Description: Animals4Life base VPC Template 3 | Resources: 4 | VPC: 5 | Type: AWS::EC2::VPC 6 | Properties: 7 | CidrBlock: 10.16.0.0/16 8 | EnableDnsSupport: true 9 | EnableDnsHostnames: true 10 | Tags: 11 | - Key: Name 12 | Value: a4l-vpc1 13 | IPv6CidrBlock: 14 | Type: AWS::EC2::VPCCidrBlock 15 | Properties: 16 | VpcId: !Ref VPC 17 | AmazonProvidedIpv6CidrBlock: true 18 | InternetGateway: 19 | Type: 'AWS::EC2::InternetGateway' 20 | Properties: 21 | Tags: 22 | - Key: Name 23 | Value: A4L-vpc1-igw 24 | InternetGatewayAttachment: 25 | Type: 'AWS::EC2::VPCGatewayAttachment' 26 | Properties: 27 | VpcId: !Ref VPC 28 | InternetGatewayId: !Ref InternetGateway 29 | RouteTableWeb: 30 | Type: 'AWS::EC2::RouteTable' 31 | Properties: 32 | VpcId: !Ref VPC 33 | Tags: 34 | - Key: Name 35 | Value: A4L-vpc1-rt-web 36 | RouteTableWebDefaultIPv4: 37 | Type: 'AWS::EC2::Route' 38 | DependsOn: InternetGatewayAttachment 39 | Properties: 40 | RouteTableId: 41 | Ref: RouteTableWeb 42 | DestinationCidrBlock: '0.0.0.0/0' 43 | GatewayId: 44 | Ref: InternetGateway 45 | RouteTableWebDefaultIPv6: 46 | Type: 'AWS::EC2::Route' 47 | DependsOn: InternetGatewayAttachment 48 | Properties: 49 | RouteTableId: 50 | Ref: RouteTableWeb 51 | DestinationIpv6CidrBlock: '::/0' 52 | GatewayId: 53 | Ref: InternetGateway 54 | RouteTableAssociationWebA: 55 | Type: 'AWS::EC2::SubnetRouteTableAssociation' 56 | Properties: 57 | SubnetId: !Ref SubnetWEBA 58 | RouteTableId: 59 | Ref: RouteTableWeb 60 | RouteTableAssociationWebB: 61 | Type: 'AWS::EC2::SubnetRouteTableAssociation' 62 | Properties: 63 | SubnetId: !Ref SubnetWEBB 64 | RouteTableId: 65 | Ref: RouteTableWeb 66 | RouteTableAssociationWebC: 67 | Type: 'AWS::EC2::SubnetRouteTableAssociation' 68 | Properties: 69 | SubnetId: !Ref SubnetWEBC 70 | RouteTableId: 71 | Ref: RouteTableWeb 72 | SubnetReservedA: 73 | Type: AWS::EC2::Subnet 74 | DependsOn: IPv6CidrBlock 75 | Properties: 76 | VpcId: !Ref VPC 77 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 78 | CidrBlock: 10.16.0.0/20 79 | AssignIpv6AddressOnCreation: true 80 | Ipv6CidrBlock: 81 | Fn::Sub: 82 | - "${VpcPart}${SubnetPart}" 83 | - SubnetPart: '00::/64' 84 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 85 | Tags: 86 | - Key: Name 87 | Value: sn-reserved-A 88 | SubnetReservedB: 89 | Type: AWS::EC2::Subnet 90 | DependsOn: IPv6CidrBlock 91 | Properties: 92 | VpcId: !Ref VPC 93 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 94 | CidrBlock: 10.16.64.0/20 95 | AssignIpv6AddressOnCreation: true 96 | Ipv6CidrBlock: 97 | Fn::Sub: 98 | - "${VpcPart}${SubnetPart}" 99 | - SubnetPart: '04::/64' 100 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 101 | Tags: 102 | - Key: Name 103 | Value: sn-reserved-B 104 | SubnetReservedC: 105 | Type: AWS::EC2::Subnet 106 | DependsOn: IPv6CidrBlock 107 | Properties: 108 | VpcId: !Ref VPC 109 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 110 | CidrBlock: 10.16.128.0/20 111 | AssignIpv6AddressOnCreation: true 112 | Ipv6CidrBlock: 113 | Fn::Sub: 114 | - "${VpcPart}${SubnetPart}" 115 | - SubnetPart: '08::/64' 116 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 117 | Tags: 118 | - Key: Name 119 | Value: sn-reserved-C 120 | SubnetDBA: 121 | Type: AWS::EC2::Subnet 122 | DependsOn: IPv6CidrBlock 123 | Properties: 124 | VpcId: !Ref VPC 125 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 126 | CidrBlock: 10.16.16.0/20 127 | AssignIpv6AddressOnCreation: true 128 | Ipv6CidrBlock: 129 | Fn::Sub: 130 | - "${VpcPart}${SubnetPart}" 131 | - SubnetPart: '01::/64' 132 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 133 | Tags: 134 | - Key: Name 135 | Value: sn-db-A 136 | SubnetDBB: 137 | Type: AWS::EC2::Subnet 138 | DependsOn: IPv6CidrBlock 139 | Properties: 140 | VpcId: !Ref VPC 141 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 142 | CidrBlock: 10.16.80.0/20 143 | AssignIpv6AddressOnCreation: true 144 | Ipv6CidrBlock: 145 | Fn::Sub: 146 | - "${VpcPart}${SubnetPart}" 147 | - SubnetPart: '05::/64' 148 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 149 | Tags: 150 | - Key: Name 151 | Value: sn-db-B 152 | SubnetDBC: 153 | Type: AWS::EC2::Subnet 154 | DependsOn: IPv6CidrBlock 155 | Properties: 156 | VpcId: !Ref VPC 157 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 158 | CidrBlock: 10.16.144.0/20 159 | AssignIpv6AddressOnCreation: true 160 | Ipv6CidrBlock: 161 | Fn::Sub: 162 | - "${VpcPart}${SubnetPart}" 163 | - SubnetPart: '09::/64' 164 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 165 | Tags: 166 | - Key: Name 167 | Value: sn-db-C 168 | SubnetAPPA: 169 | Type: AWS::EC2::Subnet 170 | DependsOn: IPv6CidrBlock 171 | Properties: 172 | VpcId: !Ref VPC 173 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 174 | CidrBlock: 10.16.32.0/20 175 | AssignIpv6AddressOnCreation: true 176 | Ipv6CidrBlock: 177 | Fn::Sub: 178 | - "${VpcPart}${SubnetPart}" 179 | - SubnetPart: '02::/64' 180 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 181 | Tags: 182 | - Key: Name 183 | Value: sn-app-A 184 | SubnetAPPB: 185 | Type: AWS::EC2::Subnet 186 | DependsOn: IPv6CidrBlock 187 | Properties: 188 | VpcId: !Ref VPC 189 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 190 | CidrBlock: 10.16.96.0/20 191 | AssignIpv6AddressOnCreation: true 192 | Ipv6CidrBlock: 193 | Fn::Sub: 194 | - "${VpcPart}${SubnetPart}" 195 | - SubnetPart: '06::/64' 196 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 197 | Tags: 198 | - Key: Name 199 | Value: sn-app-B 200 | SubnetAPPC: 201 | Type: AWS::EC2::Subnet 202 | DependsOn: IPv6CidrBlock 203 | Properties: 204 | VpcId: !Ref VPC 205 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 206 | CidrBlock: 10.16.160.0/20 207 | AssignIpv6AddressOnCreation: true 208 | Ipv6CidrBlock: 209 | Fn::Sub: 210 | - "${VpcPart}${SubnetPart}" 211 | - SubnetPart: '0A::/64' 212 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 213 | Tags: 214 | - Key: Name 215 | Value: sn-app-C 216 | SubnetWEBA: 217 | Type: AWS::EC2::Subnet 218 | DependsOn: IPv6CidrBlock 219 | Properties: 220 | VpcId: !Ref VPC 221 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 222 | CidrBlock: 10.16.48.0/20 223 | MapPublicIpOnLaunch: true 224 | Ipv6CidrBlock: 225 | Fn::Sub: 226 | - "${VpcPart}${SubnetPart}" 227 | - SubnetPart: '03::/64' 228 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 229 | Tags: 230 | - Key: Name 231 | Value: sn-web-A 232 | SubnetWEBB: 233 | Type: AWS::EC2::Subnet 234 | DependsOn: IPv6CidrBlock 235 | Properties: 236 | VpcId: !Ref VPC 237 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 238 | CidrBlock: 10.16.112.0/20 239 | MapPublicIpOnLaunch: true 240 | Ipv6CidrBlock: 241 | Fn::Sub: 242 | - "${VpcPart}${SubnetPart}" 243 | - SubnetPart: '07::/64' 244 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 245 | Tags: 246 | - Key: Name 247 | Value: sn-web-B 248 | SubnetWEBC: 249 | Type: AWS::EC2::Subnet 250 | DependsOn: IPv6CidrBlock 251 | Properties: 252 | VpcId: !Ref VPC 253 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 254 | CidrBlock: 10.16.176.0/20 255 | MapPublicIpOnLaunch: true 256 | Ipv6CidrBlock: 257 | Fn::Sub: 258 | - "${VpcPart}${SubnetPart}" 259 | - SubnetPart: '0B::/64' 260 | VpcPart: !Select [ 0, !Split [ '00::/56', !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks ]]] 261 | Tags: 262 | - Key: Name 263 | Value: sn-web-C 264 | IPv6WorkaroundSubnetWEBA: 265 | Type: Custom::SubnetModify 266 | Properties: 267 | ServiceToken: !GetAtt IPv6WorkaroundLambda.Arn 268 | SubnetId: !Ref SubnetWEBA 269 | IPv6WorkaroundSubnetWEBB: 270 | Type: Custom::SubnetModify 271 | Properties: 272 | ServiceToken: !GetAtt IPv6WorkaroundLambda.Arn 273 | SubnetId: !Ref SubnetWEBB 274 | IPv6WorkaroundSubnetWEBC: 275 | Type: Custom::SubnetModify 276 | Properties: 277 | ServiceToken: !GetAtt IPv6WorkaroundLambda.Arn 278 | SubnetId: !Ref SubnetWEBC 279 | IPv6WorkaroundRole: 280 | Type: AWS::IAM::Role 281 | Properties: 282 | AssumeRolePolicyDocument: 283 | Version: '2012-10-17' 284 | Statement: 285 | - Effect: Allow 286 | Principal: 287 | Service: 288 | - lambda.amazonaws.com 289 | Action: 290 | - sts:AssumeRole 291 | Path: "/" 292 | Policies: 293 | - PolicyName: !Sub "ipv6-fix-logs-${AWS::StackName}" 294 | PolicyDocument: 295 | Version: '2012-10-17' 296 | Statement: 297 | - Effect: Allow 298 | Action: 299 | - logs:CreateLogGroup 300 | - logs:CreateLogStream 301 | - logs:PutLogEvents 302 | Resource: arn:aws:logs:*:*:* 303 | - PolicyName: !Sub "ipv6-fix-modify-${AWS::StackName}" 304 | PolicyDocument: 305 | Version: '2012-10-17' 306 | Statement: 307 | - Effect: Allow 308 | Action: 309 | - ec2:ModifySubnetAttribute 310 | Resource: "*" 311 | IPv6WorkaroundLambda: 312 | Type: AWS::Lambda::Function 313 | Properties: 314 | Handler: "index.lambda_handler" 315 | Code: #import cfnresponse below required to send respose back to CFN 316 | ZipFile: 317 | Fn::Sub: | 318 | import cfnresponse 319 | import boto3 320 | 321 | def lambda_handler(event, context): 322 | if event['RequestType'] is 'Delete': 323 | cfnresponse.send(event, context, cfnresponse.SUCCESS) 324 | return 325 | 326 | responseValue = event['ResourceProperties']['SubnetId'] 327 | ec2 = boto3.client('ec2', region_name='${AWS::Region}') 328 | ec2.modify_subnet_attribute(AssignIpv6AddressOnCreation={ 329 | 'Value': True 330 | }, 331 | SubnetId=responseValue) 332 | responseData = {} 333 | responseData['SubnetId'] = responseValue 334 | cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, "CustomResourcePhysicalID") 335 | Runtime: python3.9 336 | Role: !GetAtt IPv6WorkaroundRole.Arn 337 | Timeout: 30 338 | DefaultInstanceSecurityGroup: 339 | Type: 'AWS::EC2::SecurityGroup' 340 | Properties: 341 | VpcId: !Ref VPC 342 | GroupDescription: Enable SSH access via port 22 IPv4 & v6 343 | SecurityGroupIngress: 344 | - Description: 'Allow SSH IPv4 IN' 345 | IpProtocol: tcp 346 | FromPort: '22' 347 | ToPort: '22' 348 | CidrIp: '0.0.0.0/0' 349 | - Description: 'Allow HTTP IPv4 IN' 350 | IpProtocol: tcp 351 | FromPort: '80' 352 | ToPort: '80' 353 | CidrIp: '0.0.0.0/0' 354 | - Description: 'Allow SSH IPv6 IN' 355 | IpProtocol: tcp 356 | FromPort: '22' 357 | ToPort: '22' 358 | CidrIpv6: ::/0 359 | Outputs: 360 | a4lvpc1: 361 | Description: Animals4Life VPC1_ID 362 | Value: !Ref VPC 363 | Export: 364 | Name: a4l-vpc1 365 | a4lvpc1subnetweba: 366 | Description: Animals4Life VPC1 SubnetWEBA 367 | Value: !Ref SubnetWEBA 368 | Export: 369 | Name: a4l-vpc1-subnet-weba 370 | a4lvpc1subnetwebb: 371 | Description: Animals4Life VPC1 SubnetWEBB 372 | Value: !Ref SubnetWEBB 373 | Export: 374 | Name: a4l-vpc1-subnet-webb 375 | a4lvpc1subnetwebc: 376 | Description: Animals4Life VPC1 SubnetWEBC 377 | Value: !Ref SubnetWEBC 378 | Export: 379 | Name: a4l-vpc1-subnet-webc 380 | a4lvpc1subnetappa: 381 | Description: Animals4Life VPC1 SubnetAPPA 382 | Value: !Ref SubnetAPPA 383 | Export: 384 | Name: a4l-vpc1-subnet-appa 385 | a4lvpc1subnetappb: 386 | Description: Animals4Life VPC1 SubnetAPPB 387 | Value: !Ref SubnetAPPB 388 | Export: 389 | Name: a4l-vpc1-subnet-appb 390 | a4lvpc1subnetappc: 391 | Description: Animals4Life VPC1 SubnetAPPC 392 | Value: !Ref SubnetAPPC 393 | Export: 394 | Name: a4l-vpc1-subnet-appc 395 | a4lvpc1subnetdba: 396 | Description: Animals4Life VPC1 SubnetDBA 397 | Value: !Ref SubnetDBA 398 | Export: 399 | Name: a4l-vpc1-subnet-dba 400 | a4lvpc1subnetdbb: 401 | Description: Animals4Life VPC1 SubnetDBB 402 | Value: !Ref SubnetDBB 403 | Export: 404 | Name: a4l-vpc1-subnet-dbb 405 | a4lvpc1subnetdbc: 406 | Description: Animals4Life VPC1 SubnetDBC 407 | Value: !Ref SubnetDBC 408 | Export: 409 | Name: a4l-vpc1-subnet-dbc 410 | a4lvpc1subnetreserveda: 411 | Description: Animals4Life VPC1 SubnetReservedA 412 | Value: !Ref SubnetReservedA 413 | Export: 414 | Name: a4l-vpc1-subnet-reserveda 415 | a4lvpc1subnetreservedb: 416 | Description: Animals4Life VPC1 SubnetReservedB 417 | Value: !Ref SubnetReservedB 418 | Export: 419 | Name: a4l-vpc1-subnet-reservedb 420 | a4lvpc1subnetreservedc: 421 | Description: Animals4Life VPC1 SubnetReservedC 422 | Value: !Ref SubnetReservedC 423 | Export: 424 | Name: a4l-vpc1-subnet-reservedc 425 | a4lvpc1defaultinstancesg: 426 | Description: Animals4Life VPC1 Default Instance SecurityGroup 427 | Value: !Ref DefaultInstanceSecurityGroup 428 | Export: 429 | Name: a4l-vpc1-default-instance-sg -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/A4L_WEB.yaml: -------------------------------------------------------------------------------- 1 | 2 | Description: A4L CFN-INIT Generic Web Simple Template 3 | Requires A4L VPC Template to run 4 | Parameters: 5 | LatestAmiId: 6 | Description: AMI for Instance (default is latest AmaLinux2) 7 | Type: 'AWS::SSM::Parameter::Value' 8 | Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' 9 | KeyName: 10 | Type: AWS::EC2::KeyPair::KeyName 11 | Description: "Name of an existing SSH Keypair to access the instance" 12 | Resources: 13 | EC2Instance: 14 | Type: AWS::EC2::Instance 15 | Properties: 16 | KeyName: !Ref KeyName 17 | InstanceType: "t2.micro" 18 | ImageId: !Ref LatestAmiId 19 | SubnetId: !ImportValue a4l-vpc1-subnet-weba 20 | SecurityGroupIds: 21 | - !ImportValue a4l-vpc1-default-instance-sg 22 | Tags: 23 | - Key: Name 24 | Value: A4L-WEB 25 | UserData: 26 | Fn::Base64: !Sub | 27 | #!/bin/bash -xe 28 | yum -y update 29 | yum install -y httpd wget git 30 | cd /tmp 31 | git clone https://github.com/acantril/aws-sa-associate-saac02.git 32 | cp ./aws-sa-associate-saac02/11-Route53/r53_zones_and_failover/01_a4lwebsite/* /var/www/html 33 | usermod -a -G apache ec2-user 34 | chown -R ec2-user:apache /var/www 35 | chmod 2775 /var/www 36 | find /var/www -type d -exec chmod 2775 {} \; 37 | find /var/www -type f -exec chmod 0664 {} \; 38 | systemctl enable httpd 39 | systemctl start httpd 40 | -------------------------------------------------------------------------------- /10_R53/r53_zones_and_failover/bucket_policy.json: -------------------------------------------------------------------------------- 1 | { 2 | "Version":"2012-10-17", 3 | "Statement":[ 4 | { 5 | "Sid":"PublicRead", 6 | "Effect":"Allow", 7 | "Principal": "*", 8 | "Action":["s3:GetObject"], 9 | "Resource":["arn:aws:s3:::examplebucket/*"] 10 | } 11 | ] 12 | } 13 | -------------------------------------------------------------------------------- /11_CDN/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/11_CDN/.DS_Store -------------------------------------------------------------------------------- /11_CDN/00_LEARNINGAIDS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/11_CDN/00_LEARNINGAIDS/placeholder.md -------------------------------------------------------------------------------- /11_CDN/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/11_CDN/placeholder.md -------------------------------------------------------------------------------- /12_NETWORK_SECURITY_RISK_COMPLIANCE/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/12_NETWORK_SECURITY_RISK_COMPLIANCE/.DS_Store -------------------------------------------------------------------------------- /12_NETWORK_SECURITY_RISK_COMPLIANCE/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/12_NETWORK_SECURITY_RISK_COMPLIANCE/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /12_NETWORK_SECURITY_RISK_COMPLIANCE/00_LEARNINGAIDS/URLFilter.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/12_NETWORK_SECURITY_RISK_COMPLIANCE/00_LEARNINGAIDS/URLFilter.png -------------------------------------------------------------------------------- /12_NETWORK_SECURITY_RISK_COMPLIANCE/00_LEARNINGAIDS/ipranges.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/12_NETWORK_SECURITY_RISK_COMPLIANCE/00_LEARNINGAIDS/ipranges.png -------------------------------------------------------------------------------- /12_NETWORK_SECURITY_RISK_COMPLIANCE/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/12_NETWORK_SECURITY_RISK_COMPLIANCE/placeholder.md -------------------------------------------------------------------------------- /13_VPC_PEERING/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/.DS_Store -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/EdgeRouting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/EdgeRouting.png -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/EdgeRoutingPrivate.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/EdgeRoutingPrivate.png -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/OverLappingCIDR2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/OverLappingCIDR2.png -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/OverlappingCIDR1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/OverlappingCIDR1.png -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/OverlappingCIDR3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/OverlappingCIDR3.png -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/TransitiveRouting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/TransitiveRouting.png -------------------------------------------------------------------------------- /13_VPC_PEERING/00_LEARNINGAIDS/VPCPeering.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/13_VPC_PEERING/00_LEARNINGAIDS/VPCPeering.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/.DS_Store -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/ClientVPN1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/ClientVPN1.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/ClientVPN2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/ClientVPN2.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn2.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn3.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/IPSECvpn4.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/TGWRouting.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/TGWRouting.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/VGWDeepDive.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/VGWDeepDive.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/VPNCloudHub.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/00_LEARNINGAIDS/VPNCloudHub.png -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/01_Static_Site2SiteVPN/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/01_Static_Site2SiteVPN/placeholder.md -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/02_Dynamic_Site2SiteVPN/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/02_Dynamic_Site2SiteVPN/placeholder.md -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/03_HybridNetwork_using_TGW/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/03_HybridNetwork_using_TGW/placeholder.md -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/04_ClientVPN/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/04_ClientVPN/placeholder.md -------------------------------------------------------------------------------- /14_HYBRIDNETWORKING_VIRTUAL/05_SoftwareVPN_using_OpenVPN/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/14_HYBRIDNETWORKING_VIRTUAL/05_SoftwareVPN_using_OpenVPN/placeholder.md -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/.DS_Store -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXBFD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXBFD.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXBGPCommunities.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXBGPCommunities.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXBGPSessonVLAN.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXBGPSessonVLAN.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXConcepts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXConcepts.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXConnectionProcess.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXConnectionProcess.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway2.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway4.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway5.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway5.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway6.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway6.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway7.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXGateway7.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMACSec.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMACSec.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMACSec4.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMACSec4.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMACsec3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMACsec3.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMacSec2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXMacSec2.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXPrivateVIFS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXPrivateVIFS.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXPublicVIFS.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXPublicVIFS.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXPublicVIFVPN.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXPublicVIFVPN.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXgateway.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXgateway.png -------------------------------------------------------------------------------- /15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXgateway3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/15_HYBRIDNETWORKING_PHYSICAL/00_LEARNINGAIDS/DXgateway3.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/.DS_Store -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/ADConnector.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/ADConnector.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/FSX.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/FSX.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/MIcrosoftAD.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/MIcrosoftAD.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayFile1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayFile1.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayFile2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayFile2.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVTL1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVTL1.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVTL2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVTL2.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVolume1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVolume1.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVolume2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/StorageGatewayVolume2.png -------------------------------------------------------------------------------- /16_HYBRIDSERVICES/00_LEARNINGAIDS/Workspaces.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/16_HYBRIDSERVICES/00_LEARNINGAIDS/Workspaces.png -------------------------------------------------------------------------------- /17_NETWORK_BILLING/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/17_NETWORK_BILLING/.DS_Store -------------------------------------------------------------------------------- /17_NETWORK_BILLING/00_LEARNINGAIDS/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/17_NETWORK_BILLING/00_LEARNINGAIDS/.DS_Store -------------------------------------------------------------------------------- /17_NETWORK_BILLING/00_LEARNINGAIDS/DirectConnectBilling1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/17_NETWORK_BILLING/00_LEARNINGAIDS/DirectConnectBilling1.png -------------------------------------------------------------------------------- /17_NETWORK_BILLING/00_LEARNINGAIDS/DirectConnectBilling2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/17_NETWORK_BILLING/00_LEARNINGAIDS/DirectConnectBilling2.png -------------------------------------------------------------------------------- /17_NETWORK_BILLING/00_LEARNINGAIDS/TransitGatewayBilling1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/17_NETWORK_BILLING/00_LEARNINGAIDS/TransitGatewayBilling1.png -------------------------------------------------------------------------------- /17_NETWORK_BILLING/00_LEARNINGAIDS/TransitGatewayBilling2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/17_NETWORK_BILLING/00_LEARNINGAIDS/TransitGatewayBilling2.png -------------------------------------------------------------------------------- /18_DR/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/18_DR/.DS_Store -------------------------------------------------------------------------------- /18_DR/00_LEARNINGAIDS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/18_DR/00_LEARNINGAIDS/placeholder.md -------------------------------------------------------------------------------- /18_DR/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/18_DR/placeholder.md -------------------------------------------------------------------------------- /19_EXAMPREP/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/19_EXAMPREP/.DS_Store -------------------------------------------------------------------------------- /19_EXAMPREP/00_LEARNINGAIDS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/19_EXAMPREP/00_LEARNINGAIDS/placeholder.md -------------------------------------------------------------------------------- /19_EXAMPREP/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/19_EXAMPREP/placeholder.md -------------------------------------------------------------------------------- /20_FINISHINGUP/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/20_FINISHINGUP/.DS_Store -------------------------------------------------------------------------------- /20_FINISHINGUP/00_LEARNINGAIDS/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/20_FINISHINGUP/00_LEARNINGAIDS/placeholder.md -------------------------------------------------------------------------------- /20_FINISHINGUP/placeholder.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/acantril/aws-advancednetworking-specialty/da96c2c33377ac5cd2a798b2a56058f88710c544/20_FINISHINGUP/placeholder.md -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 Adrian Cantrill 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # aws-advancednetworking-specialty 2 | Repo for https://learn.cantrill.io/p/aws-certified-advanced-networking-specialty 3 | -------------------------------------------------------------------------------- /VPCMasterTemplate.yaml: -------------------------------------------------------------------------------- 1 | AWSTemplateFormatVersion: "2010-09-09" 2 | Description: "A4L Base VPC Template" 3 | Parameters: 4 | VPCCIDR: 5 | Type: "String" 6 | Description: "IP Address range for the VPC" 7 | MinLength: "9" 8 | MaxLength: "18" 9 | Default: "10.16.0.0/16" 10 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 11 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 12 | RESERVEDACIDR: 13 | Type: "String" 14 | Description: "IP Address range for A4L-SN-Reserved-A Subnet" 15 | MinLength: "9" 16 | MaxLength: "18" 17 | Default: "10.16.0.0/20" 18 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 19 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 20 | DBACIDR: 21 | Type: "String" 22 | Description: "IP Address range for A4L-SN-DB-A Subnet" 23 | MinLength: "9" 24 | MaxLength: "18" 25 | Default: "10.16.16.0/20" 26 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 27 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 28 | PRIVACIDR: 29 | Type: "String" 30 | Description: "IP Address range for A4L-SN-PRIV-A Subnet" 31 | MinLength: "9" 32 | MaxLength: "18" 33 | Default: "10.16.32.0/20" 34 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 35 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 36 | PUBACIDR: 37 | Type: "String" 38 | Description: "IP Address range for A4L-SN-PUB-A Subnet" 39 | MinLength: "9" 40 | MaxLength: "18" 41 | Default: "10.16.48.0/20" 42 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 43 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 44 | RESERVEDBCIDR: 45 | Type: "String" 46 | Description: "IP Address range for A4L-SN-Reserved-B Subnet" 47 | MinLength: "9" 48 | MaxLength: "18" 49 | Default: "10.16.64.0/20" 50 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 51 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 52 | DBBCIDR: 53 | Type: "String" 54 | Description: "IP Address range for A4L-SN-DB-B Subnet" 55 | MinLength: "9" 56 | MaxLength: "18" 57 | Default: "10.16.80.0/20" 58 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 59 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 60 | PRIVBCIDR: 61 | Type: "String" 62 | Description: "IP Address range for A4L-SN-PRIV-A Subnet" 63 | MinLength: "9" 64 | MaxLength: "18" 65 | Default: "10.16.96.0/20" 66 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 67 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 68 | PUBBCIDR: 69 | Type: "String" 70 | Description: "IP Address range for A4L-SN-PUB-A Subnet" 71 | MinLength: "9" 72 | MaxLength: "18" 73 | Default: "10.16.112.0/20" 74 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 75 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 76 | RESERVEDCCIDR: 77 | Type: "String" 78 | Description: "IP Address range for A4L-SN-Reserved-C Subnet" 79 | MinLength: "9" 80 | MaxLength: "18" 81 | Default: "10.16.128.0/20" 82 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 83 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 84 | DBCCIDR: 85 | Type: "String" 86 | Description: "IP Address range for A4L-SN-DB-C Subnet" 87 | MinLength: "9" 88 | MaxLength: "18" 89 | Default: "10.16.144.0/20" 90 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 91 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 92 | PRIVCCIDR: 93 | Type: "String" 94 | Description: "IP Address range for A4L-SN-PRIV-C Subnet" 95 | MinLength: "9" 96 | MaxLength: "18" 97 | Default: "10.16.160.0/20" 98 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 99 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 100 | PUBCCIDR: 101 | Type: "String" 102 | Description: "IP Address range for A4L-SN-PUB-C Subnet" 103 | MinLength: "9" 104 | MaxLength: "18" 105 | Default: "10.16.176.0/20" 106 | AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})" 107 | ConstraintDescription: "must be a valid IP CIDR range of the form x.x.x.x/x." 108 | PublicIPv4Subnets: 109 | Type: "String" 110 | Description: "Create Public IPv4 Subnets?" 111 | AllowedValues: 112 | - true 113 | - false 114 | Default: true 115 | AddSSMEndpoints: 116 | Type: "String" 117 | Description: "Create SSM Endpoints for public and private instance management" 118 | AllowedValues: 119 | - true 120 | - false 121 | Default: true 122 | EnableIPv6: 123 | Type: "String" 124 | Description: "Enable IPv6 on the VPC and subnets" 125 | AllowedValues: 126 | - true 127 | - false 128 | Default: true 129 | LatestAmiId: 130 | Description: AMI for any EC2 Instances (if applicable) (default is latest AmaLinux2) 131 | Type: 'AWS::SSM::Parameter::Value' 132 | Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' 133 | Metadata: 134 | AWS::CloudFormation::Interface: 135 | ParameterGroups: 136 | - 137 | Label: 138 | default: "VPC Configuration" 139 | Parameters: 140 | - VPCCIDR 141 | - 142 | Label: 143 | default: "AZA" 144 | Parameters: 145 | - RESERVEDACIDR 146 | - DBACIDR 147 | - PRIVACIDR 148 | - PUBACIDR 149 | - 150 | Label: 151 | default: "AZB" 152 | Parameters: 153 | - RESERVEDBCIDR 154 | - DBBCIDR 155 | - PRIVBCIDR 156 | - PUBBCIDR 157 | - 158 | Label: 159 | default: "AZC" 160 | Parameters: 161 | - RESERVEDCCIDR 162 | - DBCCIDR 163 | - PRIVCCIDR 164 | - PUBCCIDR 165 | Conditions: 166 | EnableIPv6: !Equals 167 | - !Ref EnableIPv6 168 | - true 169 | DisableIPv6: !Equals 170 | - !Ref EnableIPv6 171 | - false 172 | PublicIPv4: !Equals 173 | - !Ref PublicIPv4Subnets 174 | - true 175 | PublicIPv4orIPv6: !Or 176 | - !Equals [!Ref EnableIPv6, true] 177 | - Condition: PublicIPv4 178 | CreateSSMEndpoints: !Equals 179 | - !Ref AddSSMEndpoints 180 | - true 181 | Resources: 182 | VPC: 183 | Type: "AWS::EC2::VPC" 184 | Properties: 185 | EnableDnsSupport: true 186 | EnableDnsHostnames: true 187 | CidrBlock: !Ref VPCCIDR 188 | Tags: 189 | - Key: "Name" 190 | Value: !Sub "${AWS::StackName}-VPC" 191 | IPv6CidrBlock: 192 | Type: AWS::EC2::VPCCidrBlock 193 | Properties: 194 | VpcId: !Ref VPC 195 | AmazonProvidedIpv6CidrBlock: true 196 | IGW: 197 | Type: AWS::EC2::InternetGateway 198 | Condition: PublicIPv4orIPv6 199 | Properties: 200 | Tags: 201 | - Key: "Name" 202 | Value: !Sub "${AWS::StackName}-IGW" 203 | IGWAttachments: 204 | Type: AWS::EC2::VPCGatewayAttachment 205 | Condition: PublicIPv4orIPv6 206 | Properties: 207 | InternetGatewayId: !Ref IGW 208 | VpcId: !Ref VPC 209 | SubnetReservedA: 210 | Type: AWS::EC2::Subnet 211 | DependsOn: IPv6CidrBlock 212 | Properties: 213 | VpcId: !Ref VPC 214 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 215 | CidrBlock: !Ref RESERVEDACIDR 216 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 217 | Ipv6CidrBlock: 218 | Fn::If: 219 | - EnableIPv6 220 | - !Select [ 0, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 221 | - !Ref AWS::NoValue 222 | Tags: 223 | - Key: Name 224 | Value: !Sub "${AWS::StackName}-SN-Reserved-A" 225 | SubnetDBA: 226 | Type: AWS::EC2::Subnet 227 | DependsOn: IPv6CidrBlock 228 | Properties: 229 | VpcId: !Ref VPC 230 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 231 | CidrBlock: !Ref DBACIDR 232 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 233 | Ipv6CidrBlock: 234 | Fn::If: 235 | - EnableIPv6 236 | - !Select [ 1, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 237 | - !Ref AWS::NoValue 238 | Tags: 239 | - Key: Name 240 | Value: !Sub "${AWS::StackName}-SN-DB-A" 241 | SubnetPrivA: 242 | Type: AWS::EC2::Subnet 243 | DependsOn: IPv6CidrBlock 244 | Properties: 245 | VpcId: !Ref VPC 246 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 247 | CidrBlock: !Ref PRIVACIDR 248 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 249 | Ipv6CidrBlock: 250 | Fn::If: 251 | - EnableIPv6 252 | - !Select [ 2, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 253 | - !Ref AWS::NoValue 254 | Tags: 255 | - Key: Name 256 | Value: !Sub "${AWS::StackName}-SN-PRIV-A" 257 | SubnetPubA: 258 | Type: AWS::EC2::Subnet 259 | DependsOn: IPv6CidrBlock 260 | Properties: 261 | VpcId: !Ref VPC 262 | MapPublicIpOnLaunch: !If [PublicIPv4, true, false] 263 | AvailabilityZone: !Select [ 0, !GetAZs '' ] 264 | CidrBlock: !Ref PUBACIDR 265 | Ipv6CidrBlock: 266 | Fn::If: 267 | - EnableIPv6 268 | - !Select [ 3, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 269 | - !Ref AWS::NoValue 270 | Tags: 271 | - Key: Name 272 | Value: !Sub "${AWS::StackName}-SN-PUB-A" 273 | SubnetReservedB: 274 | Type: AWS::EC2::Subnet 275 | DependsOn: IPv6CidrBlock 276 | Properties: 277 | VpcId: !Ref VPC 278 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 279 | CidrBlock: !Ref RESERVEDBCIDR 280 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 281 | Ipv6CidrBlock: 282 | Fn::If: 283 | - EnableIPv6 284 | - !Select [ 4, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 285 | - !Ref AWS::NoValue 286 | Tags: 287 | - Key: Name 288 | Value: !Sub "${AWS::StackName}-SN-Reserved-B" 289 | SubnetDBB: 290 | Type: AWS::EC2::Subnet 291 | DependsOn: IPv6CidrBlock 292 | Properties: 293 | VpcId: !Ref VPC 294 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 295 | CidrBlock: !Ref DBBCIDR 296 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 297 | Ipv6CidrBlock: 298 | Fn::If: 299 | - EnableIPv6 300 | - !Select [ 5, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 301 | - !Ref AWS::NoValue 302 | Tags: 303 | - Key: Name 304 | Value: !Sub "${AWS::StackName}-SN-DB-B" 305 | SubnetPrivB: 306 | Type: AWS::EC2::Subnet 307 | DependsOn: IPv6CidrBlock 308 | Properties: 309 | VpcId: !Ref VPC 310 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 311 | CidrBlock: !Ref PRIVBCIDR 312 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 313 | Ipv6CidrBlock: 314 | Fn::If: 315 | - EnableIPv6 316 | - !Select [ 6, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 317 | - !Ref AWS::NoValue 318 | Tags: 319 | - Key: Name 320 | Value: !Sub "${AWS::StackName}-SN-PRIV-B" 321 | SubnetPubB: 322 | Type: AWS::EC2::Subnet 323 | DependsOn: IPv6CidrBlock 324 | Properties: 325 | MapPublicIpOnLaunch: !If [PublicIPv4, true, false] 326 | VpcId: !Ref VPC 327 | AvailabilityZone: !Select [ 1, !GetAZs '' ] 328 | CidrBlock: !Ref PUBBCIDR 329 | Ipv6CidrBlock: 330 | Fn::If: 331 | - EnableIPv6 332 | - !Select [ 7, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 333 | - !Ref AWS::NoValue 334 | Tags: 335 | - Key: Name 336 | Value: !Sub "${AWS::StackName}-SN-PUB-B" 337 | SubnetReservedC: 338 | Type: AWS::EC2::Subnet 339 | DependsOn: IPv6CidrBlock 340 | Properties: 341 | VpcId: !Ref VPC 342 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 343 | CidrBlock: !Ref RESERVEDCCIDR 344 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 345 | Ipv6CidrBlock: 346 | Fn::If: 347 | - EnableIPv6 348 | - !Select [ 8, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 349 | - !Ref AWS::NoValue 350 | Tags: 351 | - Key: Name 352 | Value: !Sub "${AWS::StackName}-SN-Reserved-C" 353 | SubnetDBC: 354 | Type: AWS::EC2::Subnet 355 | DependsOn: IPv6CidrBlock 356 | Properties: 357 | VpcId: !Ref VPC 358 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 359 | CidrBlock: !Ref DBCCIDR 360 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 361 | Ipv6CidrBlock: 362 | Fn::If: 363 | - EnableIPv6 364 | - !Select [ 9, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 365 | - !Ref AWS::NoValue 366 | Tags: 367 | - Key: Name 368 | Value: !Sub "${AWS::StackName}-SN-DB-C" 369 | SubnetPrivC: 370 | Type: AWS::EC2::Subnet 371 | DependsOn: IPv6CidrBlock 372 | Properties: 373 | VpcId: !Ref VPC 374 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 375 | CidrBlock: !Ref PRIVCCIDR 376 | AssignIpv6AddressOnCreation: !If [EnableIPv6, true, !Ref AWS::NoValue] 377 | Ipv6CidrBlock: 378 | Fn::If: 379 | - EnableIPv6 380 | - !Select [ 10, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 381 | - !Ref AWS::NoValue 382 | Tags: 383 | - Key: Name 384 | Value: !Sub "${AWS::StackName}-SN-PRIV-C" 385 | SubnetPubC: 386 | Type: AWS::EC2::Subnet 387 | DependsOn: IPv6CidrBlock 388 | Properties: 389 | MapPublicIpOnLaunch: !If [PublicIPv4, true, false] 390 | VpcId: !Ref VPC 391 | AvailabilityZone: !Select [ 2, !GetAZs '' ] 392 | CidrBlock: !Ref PUBCCIDR 393 | Ipv6CidrBlock: 394 | Fn::If: 395 | - EnableIPv6 396 | - !Select [ 11, !Cidr [ !Select [ 0, !GetAtt VPC.Ipv6CidrBlocks], 16, 64 ]] 397 | - !Ref AWS::NoValue 398 | Tags: 399 | - Key: Name 400 | Value: !Sub "${AWS::StackName}-SN-PUB-C" 401 | IPv6WorkaroundSubnetPUBA: 402 | Condition: EnableIPv6 403 | Type: Custom::SubnetModify 404 | Properties: 405 | ServiceToken: !GetAtt IPv6WorkaroundLambda.Arn 406 | SubnetId: !Ref SubnetPubA 407 | IPv6WorkaroundSubnetPUBB: 408 | Condition: EnableIPv6 409 | Type: Custom::SubnetModify 410 | Properties: 411 | ServiceToken: !GetAtt IPv6WorkaroundLambda.Arn 412 | SubnetId: !Ref SubnetPubB 413 | IPv6WorkaroundSubnetPUBC: 414 | Condition: EnableIPv6 415 | Type: Custom::SubnetModify 416 | Properties: 417 | ServiceToken: !GetAtt IPv6WorkaroundLambda.Arn 418 | SubnetId: !Ref SubnetPubC 419 | IPv6WorkaroundRole: 420 | Type: AWS::IAM::Role 421 | Properties: 422 | AssumeRolePolicyDocument: 423 | Version: '2012-10-17' 424 | Statement: 425 | - Effect: Allow 426 | Principal: 427 | Service: 428 | - lambda.amazonaws.com 429 | Action: 430 | - sts:AssumeRole 431 | Path: "/" 432 | Policies: 433 | - PolicyName: !Sub "ipv6-fix-logs-${AWS::StackName}" 434 | PolicyDocument: 435 | Version: '2012-10-17' 436 | Statement: 437 | - Effect: Allow 438 | Action: 439 | - logs:CreateLogGroup 440 | - logs:CreateLogStream 441 | - logs:PutLogEvents 442 | Resource: arn:aws:logs:*:*:* 443 | - PolicyName: !Sub "ipv6-fix-modify-${AWS::StackName}" 444 | PolicyDocument: 445 | Version: '2012-10-17' 446 | Statement: 447 | - Effect: Allow 448 | Action: 449 | - ec2:ModifySubnetAttribute 450 | Resource: "*" 451 | IPv6WorkaroundLambda: 452 | Type: AWS::Lambda::Function 453 | Properties: 454 | Handler: "index.lambda_handler" 455 | Code: #import cfnresponse below required to send respose back to CFN 456 | ZipFile: 457 | Fn::Sub: | 458 | import cfnresponse 459 | import boto3 460 | 461 | def lambda_handler(event, context): 462 | if event['RequestType'] is 'Delete': 463 | cfnresponse.send(event, context, cfnresponse.SUCCESS) 464 | return 465 | 466 | responseValue = event['ResourceProperties']['SubnetId'] 467 | ec2 = boto3.client('ec2', region_name='${AWS::Region}') 468 | ec2.modify_subnet_attribute(AssignIpv6AddressOnCreation={ 469 | 'Value': True 470 | }, 471 | SubnetId=responseValue) 472 | responseData = {} 473 | responseData['SubnetId'] = responseValue 474 | cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, "CustomResourcePhysicalID") 475 | Runtime: python3.6 476 | Role: !GetAtt IPv6WorkaroundRole.Arn 477 | Timeout: 30 478 | RTRESERVEDA: 479 | Type: 'AWS::EC2::RouteTable' 480 | Properties: 481 | VpcId: !Ref VPC 482 | Tags: 483 | - Key: Name 484 | Value: !Sub "${AWS::StackName}-RT-Reserved-A" 485 | RTDBA: 486 | Type: 'AWS::EC2::RouteTable' 487 | Properties: 488 | VpcId: !Ref VPC 489 | Tags: 490 | - Key: Name 491 | Value: !Sub "${AWS::StackName}-RT-DB-A" 492 | RTPRIVA: 493 | Type: 'AWS::EC2::RouteTable' 494 | Properties: 495 | VpcId: !Ref VPC 496 | Tags: 497 | - Key: Name 498 | Value: !Sub "${AWS::StackName}-RT-PRIV-A" 499 | RTPUBA: 500 | Type: 'AWS::EC2::RouteTable' 501 | Properties: 502 | VpcId: !Ref VPC 503 | Tags: 504 | - Key: Name 505 | Value: !Sub "${AWS::StackName}-RT-PUB-A" 506 | RTRESERVEDB: 507 | Type: 'AWS::EC2::RouteTable' 508 | Properties: 509 | VpcId: !Ref VPC 510 | Tags: 511 | - Key: Name 512 | Value: !Sub "${AWS::StackName}-RT-Reserved-B" 513 | RTDBB: 514 | Type: 'AWS::EC2::RouteTable' 515 | Properties: 516 | VpcId: !Ref VPC 517 | Tags: 518 | - Key: Name 519 | Value: !Sub "${AWS::StackName}-RT-DB-B" 520 | RTPRIVB: 521 | Type: 'AWS::EC2::RouteTable' 522 | Properties: 523 | VpcId: !Ref VPC 524 | Tags: 525 | - Key: Name 526 | Value: !Sub "${AWS::StackName}-RT-PRIV-B" 527 | RTPUBB: 528 | Type: 'AWS::EC2::RouteTable' 529 | Properties: 530 | VpcId: !Ref VPC 531 | Tags: 532 | - Key: Name 533 | Value: !Sub "${AWS::StackName}-RT-PUB-B" 534 | RTRESERVEDC: 535 | Type: 'AWS::EC2::RouteTable' 536 | Properties: 537 | VpcId: !Ref VPC 538 | Tags: 539 | - Key: Name 540 | Value: !Sub "${AWS::StackName}-RT-Reserved-C" 541 | RTDBC: 542 | Type: 'AWS::EC2::RouteTable' 543 | Properties: 544 | VpcId: !Ref VPC 545 | Tags: 546 | - Key: Name 547 | Value: !Sub "${AWS::StackName}-RT-DB-C" 548 | RTPRIVC: 549 | Type: 'AWS::EC2::RouteTable' 550 | Properties: 551 | VpcId: !Ref VPC 552 | Tags: 553 | - Key: Name 554 | Value: !Sub "${AWS::StackName}-RT-PRIV-C" 555 | RTPUBC: 556 | Type: 'AWS::EC2::RouteTable' 557 | Properties: 558 | VpcId: !Ref VPC 559 | Tags: 560 | - Key: Name 561 | Value: !Sub "${AWS::StackName}-RT-PUB-C" 562 | DefaultRouteIPv4PUBA: 563 | Type : AWS::EC2::Route 564 | Condition: PublicIPv4 565 | Properties: 566 | DestinationCidrBlock: 0.0.0.0/0 567 | GatewayId: !Ref IGW 568 | RouteTableId: !Ref RTPUBA 569 | DefaultRouteIPv4PUBB: 570 | Type : AWS::EC2::Route 571 | Condition: PublicIPv4 572 | Properties: 573 | DestinationCidrBlock: 0.0.0.0/0 574 | GatewayId: !Ref IGW 575 | RouteTableId: !Ref RTPUBB 576 | DefaultRouteIPv4PUBC: 577 | Type : AWS::EC2::Route 578 | Condition: PublicIPv4 579 | Properties: 580 | DestinationCidrBlock: 0.0.0.0/0 581 | GatewayId: !Ref IGW 582 | RouteTableId: !Ref RTPUBC 583 | DefaultRouteIPv6RESERVEDA: 584 | Type : AWS::EC2::Route 585 | Condition: EnableIPv6 586 | Properties: 587 | DestinationIpv6CidrBlock: ::/0 588 | GatewayId: !Ref IGW 589 | RouteTableId: !Ref RTRESERVEDA 590 | DefaultRouteIPv6DBA: 591 | Type : AWS::EC2::Route 592 | Condition: EnableIPv6 593 | Properties: 594 | DestinationIpv6CidrBlock: ::/0 595 | GatewayId: !Ref IGW 596 | RouteTableId: !Ref RTDBA 597 | DefaultRouteIPv6PUBA: 598 | Type : AWS::EC2::Route 599 | Condition: EnableIPv6 600 | Properties: 601 | DestinationIpv6CidrBlock: ::/0 602 | GatewayId: !Ref IGW 603 | RouteTableId: !Ref RTPUBA 604 | DefaultRouteIPv6PRIVA: 605 | Type : AWS::EC2::Route 606 | Condition: EnableIPv6 607 | Properties: 608 | DestinationIpv6CidrBlock: ::/0 609 | GatewayId: !Ref IGW 610 | RouteTableId: !Ref RTPRIVA 611 | DefaultRouteIPv6RESERVEDB: 612 | Type : AWS::EC2::Route 613 | Condition: EnableIPv6 614 | Properties: 615 | DestinationIpv6CidrBlock: ::/0 616 | GatewayId: !Ref IGW 617 | RouteTableId: !Ref RTRESERVEDB 618 | DefaultRouteIPv6DBB: 619 | Type : AWS::EC2::Route 620 | Condition: EnableIPv6 621 | Properties: 622 | DestinationIpv6CidrBlock: ::/0 623 | GatewayId: !Ref IGW 624 | RouteTableId: !Ref RTDBB 625 | DefaultRouteIPv6PUBB: 626 | Type : AWS::EC2::Route 627 | Condition: EnableIPv6 628 | Properties: 629 | DestinationIpv6CidrBlock: ::/0 630 | GatewayId: !Ref IGW 631 | RouteTableId: !Ref RTPUBB 632 | DefaultRouteIPv6PRIVB: 633 | Type : AWS::EC2::Route 634 | Condition: EnableIPv6 635 | Properties: 636 | DestinationIpv6CidrBlock: ::/0 637 | GatewayId: !Ref IGW 638 | RouteTableId: !Ref RTPRIVB 639 | DefaultRouteIPv6RESERVEDC: 640 | Type : AWS::EC2::Route 641 | Condition: EnableIPv6 642 | Properties: 643 | DestinationIpv6CidrBlock: ::/0 644 | GatewayId: !Ref IGW 645 | RouteTableId: !Ref RTRESERVEDC 646 | DefaultRouteIPv6DBC: 647 | Type : AWS::EC2::Route 648 | Condition: EnableIPv6 649 | Properties: 650 | DestinationIpv6CidrBlock: ::/0 651 | GatewayId: !Ref IGW 652 | RouteTableId: !Ref RTDBC 653 | DefaultRouteIPv6PUBC: 654 | Type : AWS::EC2::Route 655 | Condition: EnableIPv6 656 | Properties: 657 | DestinationIpv6CidrBlock: ::/0 658 | GatewayId: !Ref IGW 659 | RouteTableId: !Ref RTPUBC 660 | DefaultRouteIPv6PRIVC: 661 | Type : AWS::EC2::Route 662 | Condition: EnableIPv6 663 | Properties: 664 | DestinationIpv6CidrBlock: ::/0 665 | GatewayId: !Ref IGW 666 | RouteTableId: !Ref RTPRIVC 667 | RTAssociationRESERVEDA: 668 | Type: AWS::EC2::SubnetRouteTableAssociation 669 | Properties: 670 | SubnetId: !Ref SubnetReservedA 671 | RouteTableId: !Ref RTRESERVEDA 672 | RTAssociationDBA: 673 | Type: AWS::EC2::SubnetRouteTableAssociation 674 | Properties: 675 | SubnetId: !Ref SubnetDBA 676 | RouteTableId: !Ref RTDBA 677 | RTAssociationPRIVA: 678 | Type: AWS::EC2::SubnetRouteTableAssociation 679 | Properties: 680 | SubnetId: !Ref SubnetPrivA 681 | RouteTableId: !Ref RTPRIVA 682 | RTAssociationPUBA: 683 | Type: AWS::EC2::SubnetRouteTableAssociation 684 | Properties: 685 | SubnetId: !Ref SubnetPubA 686 | RouteTableId: !Ref RTPUBA 687 | RTAssociationRESERVEDB: 688 | Type: AWS::EC2::SubnetRouteTableAssociation 689 | Properties: 690 | SubnetId: !Ref SubnetReservedB 691 | RouteTableId: !Ref RTRESERVEDB 692 | RTAssociationDBB: 693 | Type: AWS::EC2::SubnetRouteTableAssociation 694 | Properties: 695 | SubnetId: !Ref SubnetDBB 696 | RouteTableId: !Ref RTDBB 697 | RTAssociationPRIVB: 698 | Type: AWS::EC2::SubnetRouteTableAssociation 699 | Properties: 700 | SubnetId: !Ref SubnetPrivB 701 | RouteTableId: !Ref RTPRIVB 702 | RTAssociationPUBB: 703 | Type: AWS::EC2::SubnetRouteTableAssociation 704 | Properties: 705 | SubnetId: !Ref SubnetPubB 706 | RouteTableId: !Ref RTPUBB 707 | RTAssociationRESERVEDC: 708 | Type: AWS::EC2::SubnetRouteTableAssociation 709 | Properties: 710 | SubnetId: !Ref SubnetReservedC 711 | RouteTableId: !Ref RTRESERVEDC 712 | RTAssociationDBC: 713 | Type: AWS::EC2::SubnetRouteTableAssociation 714 | Properties: 715 | SubnetId: !Ref SubnetDBC 716 | RouteTableId: !Ref RTDBC 717 | RTAssociationPRIVC: 718 | Type: AWS::EC2::SubnetRouteTableAssociation 719 | Properties: 720 | SubnetId: !Ref SubnetPrivC 721 | RouteTableId: !Ref RTPRIVC 722 | RTAssociationPUBC: 723 | Type: AWS::EC2::SubnetRouteTableAssociation 724 | Properties: 725 | SubnetId: !Ref SubnetPubC 726 | RouteTableId: !Ref RTPUBC 727 | ssminterfaceendpoint: 728 | Type: AWS::EC2::VPCEndpoint 729 | Condition: CreateSSMEndpoints 730 | Properties: 731 | VpcEndpointType: "Interface" 732 | PrivateDnsEnabled: "True" 733 | SubnetIds: 734 | - !Ref SubnetPrivA 735 | - !Ref SubnetPrivB 736 | - !Ref SubnetPrivC 737 | SecurityGroupIds: 738 | - !If [EnableIPv6, !Ref GeneralSGIPv6, !Ref GeneralSGIPv4] 739 | ServiceName: !Sub com.amazonaws.${AWS::Region}.ssm 740 | VpcId: !Ref VPC 741 | ssmec2messagesinterfaceendpoint: 742 | Type: AWS::EC2::VPCEndpoint 743 | Condition: CreateSSMEndpoints 744 | Properties: 745 | VpcEndpointType: "Interface" 746 | PrivateDnsEnabled: "True" 747 | SubnetIds: 748 | - !Ref SubnetPrivA 749 | - !Ref SubnetPrivB 750 | - !Ref SubnetPrivC 751 | SecurityGroupIds: 752 | - !If [EnableIPv6, !Ref GeneralSGIPv6, !Ref GeneralSGIPv4] 753 | ServiceName: !Sub com.amazonaws.${AWS::Region}.ec2messages 754 | VpcId: !Ref VPC 755 | ssmmessagesinterfaceendpoint: 756 | Type: AWS::EC2::VPCEndpoint 757 | Condition: CreateSSMEndpoints 758 | Properties: 759 | VpcEndpointType: "Interface" 760 | PrivateDnsEnabled: "True" 761 | SubnetIds: 762 | - !Ref SubnetPrivA 763 | - !Ref SubnetPrivB 764 | - !Ref SubnetPrivC 765 | SecurityGroupIds: 766 | - !If [EnableIPv6, !Ref GeneralSGIPv6, !Ref GeneralSGIPv4] 767 | ServiceName: !Sub com.amazonaws.${AWS::Region}.ssmmessages 768 | VpcId: !Ref VPC 769 | GeneralSGIPv4: 770 | Condition: DisableIPv6 771 | Type: 'AWS::EC2::SecurityGroup' 772 | Properties: 773 | VpcId: !Ref VPC 774 | GroupDescription: Default A4L AWS SG 775 | SecurityGroupIngress: 776 | - Description: 'Allow SSH IPv4 IN' 777 | IpProtocol: tcp 778 | FromPort: '22' 779 | ToPort: '22' 780 | CidrIp: '0.0.0.0/0' 781 | - Description: 'Allow HTTP IPv4 IN' 782 | IpProtocol: tcp 783 | FromPort: '80' 784 | ToPort: '80' 785 | CidrIp: '0.0.0.0/0' 786 | SecurityGroupEgress: 787 | - Description: 'Allow all IPv4 Out' 788 | CidrIp: 0.0.0.0/0 789 | IpProtocol: "-1" 790 | GeneralSGIPv6: 791 | Condition: EnableIPv6 792 | Type: 'AWS::EC2::SecurityGroup' 793 | Properties: 794 | VpcId: !Ref VPC 795 | GroupDescription: Default A4L AWS SG 796 | SecurityGroupIngress: 797 | - Description: 'Allow SSH IPv4 IN' 798 | IpProtocol: tcp 799 | FromPort: '22' 800 | ToPort: '22' 801 | CidrIp: '0.0.0.0/0' 802 | - Description: 'Allow SSH IPv6 IN' 803 | IpProtocol: tcp 804 | FromPort: '22' 805 | ToPort: '22' 806 | CidrIpv6: ::/0 807 | - Description: 'Allow HTTP IPv4 IN' 808 | IpProtocol: tcp 809 | FromPort: '80' 810 | ToPort: '80' 811 | CidrIp: '0.0.0.0/0' 812 | - Description: 'Allow HTTP IPv6 IN' 813 | IpProtocol: tcp 814 | FromPort: '80' 815 | ToPort: '80' 816 | CidrIpv6: ::/0 817 | SecurityGroupEgress: 818 | - Description: 'Allow all IPv4 Out' 819 | CidrIp: 0.0.0.0/0 820 | IpProtocol: "-1" 821 | - Description: 'Allow all IPv6 Out' 822 | CidrIpv6: ::/0 823 | IpProtocol: "-1" 824 | GeneralSGIPv4SelfReferenceRule: 825 | Condition: DisableIPv6 826 | Type: "AWS::EC2::SecurityGroupIngress" 827 | Properties: 828 | GroupId: !Ref GeneralSGIPv4 829 | IpProtocol: '-1' 830 | SourceSecurityGroupId: !Ref GeneralSGIPv4 831 | GeneralSGIPv6SelfReferenceRule: 832 | Condition: EnableIPv6 833 | Type: "AWS::EC2::SecurityGroupIngress" 834 | Properties: 835 | GroupId: !Ref GeneralSGIPv6 836 | IpProtocol: '-1' 837 | SourceSecurityGroupId: !Ref GeneralSGIPv6 838 | NetworkAclPublic: 839 | Type: 'AWS::EC2::NetworkAcl' 840 | Properties: 841 | VpcId: !Ref VPC 842 | Tags: 843 | - Key: Name 844 | Value: A4L-NACL-PUBLIC 845 | NetworkAclPrivate: 846 | Type: 'AWS::EC2::NetworkAcl' 847 | Properties: 848 | VpcId: !Ref VPC 849 | Tags: 850 | - Key: Name 851 | Value: A4L-NACL-PRIVATE 852 | SubnetNetworkAclAssociationRESERVEDA: 853 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 854 | Properties: 855 | SubnetId: !Ref SubnetReservedA 856 | NetworkAclId: !Ref NetworkAclPrivate 857 | SubnetNetworkAclAssociationDBA: 858 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 859 | Properties: 860 | SubnetId: !Ref SubnetDBA 861 | NetworkAclId: !Ref NetworkAclPrivate 862 | SubnetNetworkAclAssociationPrivA: 863 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 864 | Properties: 865 | SubnetId: !Ref SubnetPrivA 866 | NetworkAclId: !Ref NetworkAclPrivate 867 | SubnetNetworkAclAssociationPubA: 868 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 869 | Properties: 870 | SubnetId: !Ref SubnetPubA 871 | NetworkAclId: !Ref NetworkAclPublic 872 | SubnetNetworkAclAssociationRESERVEDB: 873 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 874 | Properties: 875 | SubnetId: !Ref SubnetReservedB 876 | NetworkAclId: !Ref NetworkAclPrivate 877 | SubnetNetworkAclAssociationDBB: 878 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 879 | Properties: 880 | SubnetId: !Ref SubnetDBB 881 | NetworkAclId: !Ref NetworkAclPrivate 882 | SubnetNetworkAclAssociationPrivB: 883 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 884 | Properties: 885 | SubnetId: !Ref SubnetPrivB 886 | NetworkAclId: !Ref NetworkAclPrivate 887 | SubnetNetworkAclAssociationPubB: 888 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 889 | Properties: 890 | SubnetId: !Ref SubnetPubB 891 | NetworkAclId: !Ref NetworkAclPublic 892 | SubnetNetworkAclAssociationRESERVEDC: 893 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 894 | Properties: 895 | SubnetId: !Ref SubnetReservedC 896 | NetworkAclId: !Ref NetworkAclPrivate 897 | SubnetNetworkAclAssociationDBC: 898 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 899 | Properties: 900 | SubnetId: !Ref SubnetDBC 901 | NetworkAclId: !Ref NetworkAclPrivate 902 | SubnetNetworkAclAssociationPrivC: 903 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 904 | Properties: 905 | SubnetId: !Ref SubnetPrivC 906 | NetworkAclId: !Ref NetworkAclPrivate 907 | SubnetNetworkAclAssociationPubC: 908 | Type: 'AWS::EC2::SubnetNetworkAclAssociation' 909 | Properties: 910 | SubnetId: !Ref SubnetPubC 911 | NetworkAclId: !Ref NetworkAclPublic 912 | NACLPubAllowAllIPv4In: 913 | Type: 'AWS::EC2::NetworkAclEntry' 914 | Properties: 915 | NetworkAclId: !Ref NetworkAclPublic 916 | RuleNumber: 100 917 | Protocol: -1 918 | RuleAction: allow 919 | Egress: false 920 | CidrBlock: '0.0.0.0/0' 921 | NACLPrivAllowAllIPv4In: 922 | Type: 'AWS::EC2::NetworkAclEntry' 923 | Properties: 924 | NetworkAclId: !Ref NetworkAclPrivate 925 | RuleNumber: 100 926 | Protocol: -1 927 | RuleAction: allow 928 | Egress: false 929 | CidrBlock: '0.0.0.0/0' 930 | NACLPublicAllowAllIPv6In: 931 | Condition: EnableIPv6 932 | Type: 'AWS::EC2::NetworkAclEntry' 933 | Properties: 934 | NetworkAclId: !Ref NetworkAclPublic 935 | RuleNumber: 101 936 | Protocol: -1 937 | RuleAction: allow 938 | Egress: false 939 | Ipv6CidrBlock: '::/0' 940 | NACLPrivAllowAllIPv6In: 941 | Condition: EnableIPv6 942 | Type: 'AWS::EC2::NetworkAclEntry' 943 | Properties: 944 | NetworkAclId: !Ref NetworkAclPrivate 945 | RuleNumber: 101 946 | Protocol: -1 947 | RuleAction: allow 948 | Egress: false 949 | Ipv6CidrBlock: '::/0' 950 | NACLPubAllowAllIPv4Out: 951 | Type: 'AWS::EC2::NetworkAclEntry' 952 | Properties: 953 | NetworkAclId: !Ref NetworkAclPublic 954 | RuleNumber: 100 955 | Protocol: -1 956 | RuleAction: allow 957 | Egress: true 958 | CidrBlock: '0.0.0.0/0' 959 | NACLPrivAllowAllIPv4Out: 960 | Type: 'AWS::EC2::NetworkAclEntry' 961 | Properties: 962 | NetworkAclId: !Ref NetworkAclPrivate 963 | RuleNumber: 100 964 | Protocol: -1 965 | RuleAction: allow 966 | Egress: true 967 | CidrBlock: '0.0.0.0/0' 968 | NACLPublicAllowAllIPv6Out: 969 | Condition: EnableIPv6 970 | Type: 'AWS::EC2::NetworkAclEntry' 971 | Properties: 972 | NetworkAclId: !Ref NetworkAclPublic 973 | RuleNumber: 101 974 | Protocol: -1 975 | RuleAction: allow 976 | Egress: true 977 | Ipv6CidrBlock: '::/0' 978 | NACLPrivAllowAllIPv6Out: 979 | Condition: EnableIPv6 980 | Type: 'AWS::EC2::NetworkAclEntry' 981 | Properties: 982 | NetworkAclId: !Ref NetworkAclPrivate 983 | RuleNumber: 101 984 | Protocol: -1 985 | RuleAction: allow 986 | Egress: true 987 | Ipv6CidrBlock: '::/0' 988 | SessionManagerRole: 989 | Type: 'AWS::IAM::Role' 990 | Properties: 991 | AssumeRolePolicyDocument: 992 | Version: 2012-10-17 993 | Statement: 994 | - Effect: Allow 995 | Principal: 996 | Service: 997 | - ec2.amazonaws.com 998 | Action: 999 | - 'sts:AssumeRole' 1000 | Path: / 1001 | Policies: 1002 | - PolicyName: root 1003 | PolicyDocument: 1004 | Version: 2012-10-17 1005 | Statement: 1006 | - Effect: Allow 1007 | Action: 1008 | - 'ssm:DescribeAssociation' 1009 | - 'ssm:GetDeployablePatchSnapshotForInstance' 1010 | - 'ssm:GetDocument' 1011 | - 'ssm:DescribeDocument' 1012 | - 'ssm:GetManifest' 1013 | - 'ssm:GetParameter' 1014 | - 'ssm:GetParameters' 1015 | - 'ssm:ListAssociations' 1016 | - 'ssm:ListInstanceAssociations' 1017 | - 'ssm:PutInventory' 1018 | - 'ssm:PutComplianceItems' 1019 | - 'ssm:PutConfigurePackageResult' 1020 | - 'ssm:UpdateAssociationStatus' 1021 | - 'ssm:UpdateInstanceAssociationStatus' 1022 | - 'ssm:UpdateInstanceInformation' 1023 | Resource: '*' 1024 | - Effect: Allow 1025 | Action: 1026 | - 'ssmmessages:CreateControlChannel' 1027 | - 'ssmmessages:CreateDataChannel' 1028 | - 'ssmmessages:OpenControlChannel' 1029 | - 'ssmmessages:OpenDataChannel' 1030 | Resource: '*' 1031 | - Effect: Allow 1032 | Action: 1033 | - 'ec2messages:AcknowledgeMessage' 1034 | - 'ec2messages:DeleteMessage' 1035 | - 'ec2messages:FailMessage' 1036 | - 'ec2messages:GetEndpoint' 1037 | - 'ec2messages:GetMessages' 1038 | - 'ec2messages:SendReply' 1039 | Resource: '*' 1040 | SessionManagerInstanceProfile: 1041 | Type: 'AWS::IAM::InstanceProfile' 1042 | Properties: 1043 | Path: / 1044 | Roles: 1045 | - !Ref SessionManagerRole 1046 | 1047 | --------------------------------------------------------------------------------