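---
# vpc-stack-prime.yaml
#
# Builds one VPC with two public subnets, an internet gateway and a public
# route table, two EC2 instances (one per subnet), and an internet-facing
# Application Load Balancer that forwards HTTP :80 to both instances.
#
# Security notes for whoever deploys this:
#   * SSH ingress is controlled by the SshIngressCidr parameter. Its default
#     is the VPC range, so a stack created without overrides exposes no SSH
#     to the internet. Pass a narrow admin CIDR to reach the instances from
#     outside the VPC.
#   * The instances accept HTTP :80 only from the load balancer's security
#     group, not from arbitrary addresses.
#   * The listener is plaintext HTTP. The template defines no certificate,
#     so TLS termination has to be added before carrying sensitive traffic.
#   * The availability zones, AMI ID and key pair name are hard-coded, which
#     ties the template to one region and account. Verify the AMI's owner
#     before deploying.
AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  AWS CloudFormation template to create VPC, IGW, subnets, route tables,
  EC2 instances, and ALB

Parameters:
  # Source range allowed to reach tcp/22 on the instances.
  SshIngressCidr:
    Type: String
    Default: 10.0.0.0/16
    Description: >-
      IPv4 CIDR allowed to SSH to the EC2 instances. Defaults to the VPC
      range; override with a narrow admin range, never 0.0.0.0/0.
    AllowedPattern: '^(\d{1,3}\.){3}\d{1,3}/\d{1,2}$'
    ConstraintDescription: Must be an IPv4 CIDR such as 10.0.0.0/16.

Resources:
  # Create a VPC
  MyVPC:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: prod-demo-vpc

  # Create an Internet Gateway
  MyInternetGateway:
    Type: 'AWS::EC2::InternetGateway'
    Properties:
      Tags:
        - Key: Name
          Value: prod-demo-igw

  # Attach Internet Gateway to VPC
  AttachGateway:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref MyInternetGateway

  # Create Public Subnets
  # MapPublicIpOnLaunch gives every instance launched here a public IPv4
  # address, so the security groups below are the only network control in
  # front of the instances.
  PublicSubnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.3.0/24
      AvailabilityZone: us-east-1a
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet-1

  PublicSubnet2:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.5.0/24
      AvailabilityZone: us-east-1b
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet-2

  # Create a Public Route Table
  PublicRouteTable:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref MyVPC
      Tags:
        - Key: Name
          Value: PublicRouteTable

  # Create a Route to Internet Gateway for Public Route Table
  # DependsOn: the route can only be created once the gateway is attached.
  PublicRoute:
    Type: 'AWS::EC2::Route'
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref MyInternetGateway

  # Associate Public Subnets with Public Route Table
  PublicSubnetRouteTableAssociation:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable

  PublicSubnet2RouteTableAssociation:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref PublicSubnet2
      RouteTableId: !Ref PublicRouteTable

  # Create a Security Group for EC2 instances
  InstanceSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH access
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        # SSH is limited to the operator-supplied range instead of the
        # whole internet.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SshIngressCidr
        # The target group sends traffic and health checks to port 80 on
        # these instances; without this rule every target stays unhealthy.
        # The source is the load balancer's group, not a CIDR.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          SourceSecurityGroupId: !Ref LoadBalancerSecurityGroup
      Tags:
        - Key: Name
          Value: InstanceSecurityGroup

  # Create a Security Group for Load Balancer
  # World-open HTTP is intended here: the load balancer is internet-facing.
  LoadBalancerSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Allow HTTP traffic
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: LoadBalancerSecurityGroup

  # Create EC2 Instances
  # NOTE(review): the AMI ID and key pair name are fixed values; both must
  # already exist in the target region and account.
  EC2InstancePublic1:
    Type: 'AWS::EC2::Instance'
    Properties:
      InstanceType: t2.micro
      SubnetId: !Ref PublicSubnet1
      SecurityGroupIds:
        - !Ref InstanceSecurityGroup
      ImageId: ami-0583d8c7a9c35822c
      KeyName: sample-keypair
      Tags:
        - Key: Name
          Value: PublicEC2Instance1

  EC2InstancePublic2:
    Type: 'AWS::EC2::Instance'
    Properties:
      InstanceType: t2.micro
      SubnetId: !Ref PublicSubnet2
      SecurityGroupIds:
        - !Ref InstanceSecurityGroup
      ImageId: ami-0583d8c7a9c35822c
      KeyName: sample-keypair
      Tags:
        - Key: Name
          Value: PublicEC2Instance2

  # Create an Application Load Balancer
  MyLoadBalancer:
    Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
    Properties:
      Name: MyApplicationLoadBalancer
      Subnets:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2
      SecurityGroups:
        - !Ref LoadBalancerSecurityGroup
      Scheme: internet-facing
      IpAddressType: ipv4
      Tags:
        - Key: Name
          Value: prod-alb-demo

  # Create a Target Group
  MyTargetGroup:
    Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
    Properties:
      Name: MyTargetGroup
      VpcId: !Ref MyVPC
      Protocol: HTTP
      Port: 80
      TargetType: instance
      Targets:
        - Id: !Ref EC2InstancePublic1
        - Id: !Ref EC2InstancePublic2
      HealthCheckProtocol: HTTP
      HealthCheckPort: traffic-port
      HealthCheckPath: /
      HealthCheckIntervalSeconds: 30
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 5
      UnhealthyThresholdCount: 2
      Matcher:
        HttpCode: '200'
      Tags:
        - Key: Name
          Value: prod-demo-target-group-1

  # Create a Listener for LoadBallancer
  # NOTE(review): plaintext HTTP only. An HTTPS listener needs a
  # certificate, which this template does not define.
  MyLoadBalancerListener:
    Type: 'AWS::ElasticLoadBalancingV2::Listener'
    Properties:
      DefaultActions:
        - Type: forward
          TargetGroupArn: !Ref MyTargetGroup
      LoadBalancerArn: !Ref MyLoadBalancer
      Port: 80
      Protocol: HTTP

Outputs:
  VPCId:
    Description: 'VPC Id'
    Value: !Ref MyVPC
  # Only the first public subnet and the first instance are exported.
  PublicSubnetId:
    Description: 'Public Subnet Id'
    Value: !Ref PublicSubnet1
  PublicEC2InstanceId:
    Description: 'Public EC2 Instance Id'
    Value: !Ref EC2InstancePublic1
  LoadBalancerDNSName:
    Description: 'DNS name of the Load Balancer'
    Value: !GetAtt MyLoadBalancer.DNSName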