
EC2

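---
# Crossplane (provider-aws, ec2.aws.crossplane.io) manifests for a demo network
# in ap-northeast-2: one VPC, two public and two private subnets across two
# AZs, an internet gateway, one NAT gateway per AZ, an S3 gateway endpoint,
# and a single EC2 instance in a public subnet.
# Resources reference each other by Crossplane object name (*Ref fields), and
# every resource uses the ProviderConfig named aws-provider.

# VPC
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: VPC
metadata:
  name: demo-vpc
spec:
  forProvider:
    region: ap-northeast-2
    cidrBlock: 10.0.0.0/16
    enableDnsSupport: true
    enableDnsHostNames: true
    instanceTenancy: default
    tags:
      - key: Name
        value: demo-vpc
  providerConfigRef:
    name: aws-provider
---
# Public Subnets
# mapPublicIPOnLaunch: true means every instance launched here receives a
# public IPv4 address, so its security group is the only network filter
# between it and the internet.
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
  name: demo-public-subnet-a
spec:
  forProvider:
    region: ap-northeast-2
    availabilityZone: ap-northeast-2a
    cidrBlock: 10.0.0.0/24
    vpcIdRef:
      name: demo-vpc
    mapPublicIPOnLaunch: true
    tags:
      - key: Name
        value: demo-public-subnet-a
  providerConfigRef:
    name: aws-provider
---
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
  name: demo-public-subnet-b
spec:
  forProvider:
    region: ap-northeast-2
    availabilityZone: ap-northeast-2b
    cidrBlock: 10.0.1.0/24
    vpcIdRef:
      name: demo-vpc
    mapPublicIPOnLaunch: true
    tags:
      - key: Name
        value: demo-public-subnet-b
  providerConfigRef:
    name: aws-provider
---
# Private Subnets
# No public IPs are assigned; outbound traffic leaves through the NAT gateway
# of the same AZ (see the private route tables below).
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
  name: demo-private-subnet-a
spec:
  forProvider:
    region: ap-northeast-2
    availabilityZone: ap-northeast-2a
    cidrBlock: 10.0.2.0/24
    vpcIdRef:
      name: demo-vpc
    mapPublicIPOnLaunch: false
    tags:
      - key: Name
        value: demo-private-subnet-a
  providerConfigRef:
    name: aws-provider
---
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Subnet
metadata:
  name: demo-private-subnet-b
spec:
  forProvider:
    region: ap-northeast-2
    availabilityZone: ap-northeast-2b
    cidrBlock: 10.0.3.0/24
    vpcIdRef:
      name: demo-vpc
    mapPublicIPOnLaunch: false
    tags:
      - key: Name
        value: demo-private-subnet-b
  providerConfigRef:
    name: aws-provider
---
# Internet Gateway
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: InternetGateway
metadata:
  name: demo-igw
spec:
  forProvider:
    region: ap-northeast-2
    vpcIdRef:
      name: demo-vpc
    tags:
      - key: Name
        value: demo-igw
  providerConfigRef:
    name: aws-provider
---
# EIPs for NAT
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Address
metadata:
  name: demo-eip-a
spec:
  forProvider:
    region: ap-northeast-2
    domain: vpc
    tags:
      - key: Name
        value: demo-eip-a
  providerConfigRef:
    name: aws-provider
---
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: Address
metadata:
  name: demo-eip-b
spec:
  forProvider:
    region: ap-northeast-2
    domain: vpc
    tags:
      - key: Name
        value: demo-eip-b
  providerConfigRef:
    name: aws-provider
---
# NAT Gateways
# One per AZ, each placed in that AZ's public subnet and bound to its own EIP.
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: NATGateway
metadata:
  name: demo-natgw-a
spec:
  forProvider:
    region: ap-northeast-2
    allocationIdRef:
      name: demo-eip-a
    subnetIdRef:
      name: demo-public-subnet-a
    tags:
      - key: Name
        value: demo-natgw-a
  providerConfigRef:
    name: aws-provider
---
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: NATGateway
metadata:
  name: demo-natgw-b
spec:
  forProvider:
    region: ap-northeast-2
    allocationIdRef:
      name: demo-eip-b
    subnetIdRef:
      name: demo-public-subnet-b
    tags:
      - key: Name
        value: demo-natgw-b
  providerConfigRef:
    name: aws-provider
---
# Route Tables
# Public: default route to the internet gateway, shared by both public subnets.
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: RouteTable
metadata:
  name: demo-public-rt
spec:
  forProvider:
    region: ap-northeast-2
    vpcIdRef:
      name: demo-vpc
    routes:
      - destinationCidrBlock: 0.0.0.0/0
        gatewayIdRef:
          name: demo-igw
    associations:
      - subnetIdRef:
          name: demo-public-subnet-a
      - subnetIdRef:
          name: demo-public-subnet-b
    tags:
      - key: Name
        value: demo-public-rt
  providerConfigRef:
    name: aws-provider
---
# Private (AZ a): default route to the NAT gateway in the same AZ.
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: RouteTable
metadata:
  name: demo-private-rt-a
spec:
  forProvider:
    region: ap-northeast-2
    vpcIdRef:
      name: demo-vpc
    routes:
      - destinationCidrBlock: 0.0.0.0/0
        natGatewayIdRef:
          name: demo-natgw-a
    associations:
      - subnetIdRef:
          name: demo-private-subnet-a
    tags:
      - key: Name
        value: demo-private-rt-a
  providerConfigRef:
    name: aws-provider
---
# Private (AZ b): default route to the NAT gateway in the same AZ.
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: RouteTable
metadata:
  name: demo-private-rt-b
spec:
  forProvider:
    region: ap-northeast-2
    vpcIdRef:
      name: demo-vpc
    routes:
      - destinationCidrBlock: 0.0.0.0/0
        natGatewayIdRef:
          name: demo-natgw-b
    associations:
      - subnetIdRef:
          name: demo-private-subnet-b
    tags:
      - key: Name
        value: demo-private-rt-b
  providerConfigRef:
    name: aws-provider
---
# S3 VPC Endpoint
# Gateway endpoint attached to both private route tables. No endpoint policy
# is set in this manifest; scope one to the buckets the workloads actually
# need if this moves beyond a demo.
apiVersion: ec2.aws.crossplane.io/v1alpha1
kind: VPCEndpoint
metadata:
  name: demo-s3-vpc-endpoint
spec:
  forProvider:
    region: ap-northeast-2
    routeTableIdRefs:
      - name: demo-private-rt-a
      - name: demo-private-rt-b
    serviceName: com.amazonaws.ap-northeast-2.s3
    vpcEndpointType: Gateway
    vpcIdRef:
      name: demo-vpc
    tags:
      Name: demo-s3-vpc-endpoint
  providerConfigRef:
    name: aws-provider
---
# Security Group for EC2
apiVersion: ec2.aws.crossplane.io/v1beta1
kind: SecurityGroup
metadata:
  name: demo-ec2-sg
spec:
  forProvider:
    region: ap-northeast-2
    description: Security group for EC2 instance
    groupName: demo-ec2-sg
    vpcIdRef:
      name: demo-vpc
    ingress:
      # HTTP is reachable from anywhere.
      - fromPort: 80
        ipProtocol: tcp
        ipRanges:
          - cidrIp: 0.0.0.0/0
        toPort: 80
      # SSH is limited to an administrative range rather than 0.0.0.0/0,
      # because the instance using this group sits in a public subnet and
      # gets a public IP. 203.0.113.0/24 is a PLACEHOLDER (RFC 5737
      # documentation range): replace it with your own admin/VPN CIDR.
      - fromPort: 22
        ipProtocol: tcp
        ipRanges:
          - cidrIp: 203.0.113.0/24
        toPort: 22
    egress:
      # AWS will treat it as all ports any protocol
      - ipProtocol: '-1'
        ipRanges:
          - cidrIp: 0.0.0.0/0
    tags:
      - key: Name
        value: demo-ec2-sg
  providerConfigRef:
    name: aws-provider
---
# EC2 Instance in Public Subnet
apiVersion: ec2.aws.crossplane.io/v1alpha1
kind: Instance
metadata:
  name: demo-ec2
spec:
  forProvider:
    region: ap-northeast-2
    # AMI IDs are region-specific and get retired; confirm this ID against
    # the current Amazon Linux 2023 listing before applying.
    imageId: ami-077ad873396d76f6a  # Amazon Linux 2023 AMI for ap-northeast-2
    instanceType: t3.micro
    subnetIdRef:
      name: demo-public-subnet-a
    securityGroupRefs:
      - name: demo-ec2-sg
    # userData is base64-encoded, not encrypted; keep credentials out of it.
    # userData: <base64>
    tags:
      - key: Name
        value: demo-ec2
  providerConfigRef:
    name: aws-provider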