├── .github
    └── PULL_REQUEST_TEMPLATE.md
├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
└── templates
    └── SQS-VPCE-Tutorial-CloudFormation.yaml


/.github/PULL_REQUEST_TEMPLATE.md:
--------------------------------------------------------------------------------
*Issue #, if available:*

*Description of changes:*


By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

--------------------------------------------------------------------------------
/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
## Code of Conduct
This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
opensource-codeofconduct@amazon.com with any additional questions or comments.

--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
# Contributing Guidelines

Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional
documentation, we greatly value feedback and contributions from our community.

Please read through this document before submitting any issues or pull requests to ensure we have all the necessary
information to effectively respond to your bug report or contribution.


## Reporting Bugs/Feature Requests

We welcome you to use the GitHub issue tracker to report bugs or suggest features.

When filing an issue, please check [existing open](https://github.com/aws-samples/aws-sqs-vpce-tutorial/issues), or [recently closed](https://github.com/aws-samples/aws-sqs-vpce-tutorial/issues?utf8=%E2%9C%93&q=is%3Aissue%20is%3Aclosed%20), issues to make sure somebody else hasn't already
reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:

* A reproducible test case or series of steps
* The version of our code being used
* Any modifications you've made relevant to the bug
* Anything unusual about your environment or deployment


## Contributing via Pull Requests
Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that:

1. You are working against the latest source on the *master* branch.
2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already.
3. You open an issue to discuss any significant work - we would hate for your time to be wasted.

To send us a pull request, please:

1. Fork the repository.
2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change.
3. Ensure local tests pass.
4. Commit to your fork using clear commit messages.
5. Send us a pull request, answering any default questions in the pull request interface.
6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.

GitHub provides additional documentation on [forking a repository](https://help.github.com/articles/fork-a-repo/) and
[creating a pull request](https://help.github.com/articles/creating-a-pull-request/).


## Finding contributions to work on
Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any ['help wanted'](https://github.com/aws-samples/aws-sqs-vpce-tutorial/labels/help%20wanted) issues is a great place to start.


## Code of Conduct
This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
opensource-codeofconduct@amazon.com with any additional questions or comments.


## Security issue notifications
If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue.


## Licensing

See the [LICENSE](https://github.com/aws-samples/aws-sqs-vpce-tutorial/blob/master/LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.

We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Permission is hereby granted, free of charge, to any person obtaining a copy of this
software and associated documentation files (the "Software"), to deal in the Software
without restriction, including without limitation the rights to use, copy, modify,
merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
## VPC Endpoints for SQS Tutorial

CloudFormation template used in the tutorial for creating VPC Endpoints for SQS. This template creates and configures the AWS resources needed to address the use case covered in the tutorial.

## License Summary

This sample code is made available under a modified MIT license. See the LICENSE file.

--------------------------------------------------------------------------------
/templates/SQS-VPCE-Tutorial-CloudFormation.yaml:
--------------------------------------------------------------------------------
AWSTemplateFormatVersion: 2010-09-09
Description: CloudFormation Template for SQS VPC Endpoints Tutorial
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
    Type: 'AWS::EC2::KeyPair::KeyName'
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
  SSHLocation:
    Description: The IP address range that can be used to SSH to the EC2 instance
    Type: String
    MinLength: '9'
    MaxLength: '18'
    # The default admits SSH from any address; pass a narrower CIDR at deploy time.
    Default: 0.0.0.0/0
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Conditions:
  # True only in eu-north-1, where the instance is launched as t3.micro instead of t2.micro.
  IsT3Supported: !Equals [!Ref 'AWS::Region', eu-north-1]
Mappings:
  RegionMap:
    us-east-1:
      AMI: ami-428aa838
    us-east-2:
      AMI: ami-710e2414
    us-west-1:
      AMI: ami-4a787a2a
    us-west-2:
      AMI: ami-7f43f307
    ap-northeast-1:
      AMI: ami-c2680fa4
    ap-northeast-2:
      AMI: ami-3e04a450
    ap-southeast-1:
      AMI: ami-4f89f533
    ap-southeast-2:
      AMI: ami-38708c5a
    ap-south-1:
      AMI: ami-3b2f7954
    ca-central-1:
      AMI: ami-7549cc11
    eu-central-1:
      AMI: ami-1b2bb774
    eu-west-1:
      AMI: ami-db1688a2
    eu-west-2:
      AMI: ami-6d263d09
    eu-north-1:
      AMI: ami-87fe70f9
    eu-west-3:
      AMI: ami-5ce55321
    sa-east-1:
      AMI: ami-f1337e9d
Resources:
  VPC:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: 'true'
      EnableDnsHostnames: 'true'
      Tags:
        - Key: Name
          Value: SQS-VPCE-Tutorial-VPC
  Subnet:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.0/24
      Tags:
        - Key: Name
          Value: SQS-VPCE-Tutorial-Subnet
  InternetGateway:
    Type: 'AWS::EC2::InternetGateway'
    Properties:
      Tags:
        - Key: Name
          Value: SQS-VPCE-Tutorial-InternetGateway
  VPCGatewayAttachment:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway
  RouteTable:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: SQS-VPCE-Tutorial-RouteTable
  SubnetRouteTableAssociation:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref Subnet
  InternetGatewayRoute:
    Type: 'AWS::EC2::Route'
    # The gateway must be attached to the VPC before a route can target it.
    DependsOn: VPCGatewayAttachment
    Properties:
      RouteTableId: !Ref RouteTable
      GatewayId: !Ref InternetGateway
      DestinationCidrBlock: 0.0.0.0/0
  SecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupName: SQS VPCE Tutorial Security Group
      GroupDescription: Security group for SQS VPC endpoint tutorial
      VpcId: !Ref VPC
      SecurityGroupIngress:
        # All traffic from inside the VPC, plus SSH from SSHLocation.
        - IpProtocol: '-1'
          CidrIp: 10.0.0.0/16
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: !Ref SSHLocation
      SecurityGroupEgress:
        # Egress is limited to the VPC CIDR, so the instance cannot reach the
        # public SQS endpoint through the internet gateway.
        - IpProtocol: '-1'
          CidrIp: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: SQS-VPCE-Tutorial-SecurityGroup
  EC2Instance:
    Type: 'AWS::EC2::Instance'
    # An instance with a public IP address needs the gateway attachment in place first.
    DependsOn: VPCGatewayAttachment
    Properties:
      KeyName: !Ref KeyName
      InstanceType: !If [IsT3Supported, t3.micro, t2.micro]
      ImageId: !FindInMap
        - RegionMap
        - !Ref 'AWS::Region'
        - AMI
      NetworkInterfaces:
        - AssociatePublicIpAddress: 'true'
          DeviceIndex: '0'
          GroupSet:
            - !Ref SecurityGroup
          SubnetId: !Ref Subnet
      IamInstanceProfile: !Ref EC2InstanceProfile
      Tags:
        - Key: Name
          Value: SQS-VPCE-Tutorial-EC2Instance
  EC2InstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Properties:
      Roles:
        - !Ref EC2InstanceRole
      InstanceProfileName: !Sub 'EC2InstanceProfile-${AWS::Region}'
  EC2InstanceRole:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: !Sub 'SQS-VPCE-Tutorial-EC2InstanceRole-${AWS::Region}'
      AssumeRolePolicyDocument:
        Version: 2012-10-17
        Statement:
          - Effect: Allow
            Principal:
              Service: ec2.amazonaws.com
            Action: 'sts:AssumeRole'
      ManagedPolicyArns:
        # AmazonSQSFullAccess allows sqs:* on every queue in the account, not only CFQueue.
        - 'arn:aws:iam::aws:policy/AmazonSQSFullAccess'
  CFQueue:
    Type: 'AWS::SQS::Queue'
    Properties:
      VisibilityTimeout: 60

--------------------------------------------------------------------------------
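
Added example, not part of the aws-samples repository: the template above limits instance egress to the VPC CIDR and attaches AmazonSQSFullAccess, so this fragment shows an SQS interface endpoint, a role policy scoped to CFQueue, and a queue policy that denies message traffic arriving outside that endpoint. The logical IDs SQSInterfaceEndpoint, EC2InstanceQueueAccess and CFQueuePolicy and the policy name are assumptions; VPC, Subnet, SecurityGroup, EC2InstanceRole and CFQueue are the template's own resources.

```yaml
# Added example: merge under the template's Resources section.
# SQSInterfaceEndpoint, EC2InstanceQueueAccess, CFQueuePolicy are hypothetical names.
Resources:
  SQSInterfaceEndpoint:
    Type: 'AWS::EC2::VPCEndpoint'
    Properties:
      VpcEndpointType: Interface
      ServiceName: !Sub 'com.amazonaws.${AWS::Region}.sqs'
      VpcId: !Ref VPC
      SubnetIds:
        - !Ref Subnet
      SecurityGroupIds:
        - !Ref SecurityGroup   # already allows all traffic within 10.0.0.0/16
      PrivateDnsEnabled: true  # relies on the VPC's EnableDnsSupport/EnableDnsHostnames
  # Use in place of the AmazonSQSFullAccess entry in ManagedPolicyArns.
  EC2InstanceQueueAccess:
    Type: 'AWS::IAM::Policy'
    Properties:
      PolicyName: SQS-VPCE-Tutorial-QueueAccess
      Roles:
        - !Ref EC2InstanceRole
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Action:
              - 'sqs:SendMessage'
              - 'sqs:ReceiveMessage'
              - 'sqs:DeleteMessage'
            Resource: !GetAtt CFQueue.Arn
  CFQueuePolicy:
    Type: 'AWS::SQS::QueuePolicy'
    Properties:
      Queues:
        - !Ref CFQueue         # Ref on a queue returns its URL
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Sid: DenyMessageTrafficOutsideEndpoint
            Effect: Deny
            Principal: '*'
            Action:
              - 'sqs:SendMessage'
              - 'sqs:ReceiveMessage'
              - 'sqs:DeleteMessage'
            Resource: !GetAtt CFQueue.Arn
            Condition:
              StringNotEquals:
                'aws:SourceVpce': !Ref SQSInterfaceEndpoint
```

The Deny statement covers only the three message actions, so queue administration from outside the VPC keeps working while message traffic is pinned to the endpoint.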