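/**
 * Provisions three VPCs (Production, Development, Management), peers
 * Management with the other two and installs the routes in both
 * directions so that Management can reach the workload VPCs.
 *
 * @param scope - Parent construct.
 * @param id - Construct id of this stack.
 * @param props - Stack properties, forwarded to the base class.
 */
constructor(scope: core.Construct, id: string, props: core.StackProps) {
  // Forward props so caller-supplied stack settings (e.g. `env`) are not
  // silently dropped. NOTE(review): assumes the enclosing class extends
  // core.Stack — confirm against the class declaration.
  super(scope, id, props);

  const subnetMask = 23;

  // Three-tier layout shared by Production and Development. A fresh array is
  // returned per call so the two VPCs never share one configuration object.
  const threeTierSubnets = (): ec2.SubnetConfiguration[] => [
    { cidrMask: subnetMask, name: 'DMZ', subnetType: ec2.SubnetType.PUBLIC },
    { cidrMask: subnetMask, name: 'Application', subnetType: ec2.SubnetType.PRIVATE },
    { cidrMask: subnetMask, name: 'Database', subnetType: ec2.SubnetType.ISOLATED },
  ];

  // S3 gateway endpoint is attached to Production and Development only;
  // Management has no gateway endpoints.
  const s3GatewayEndpoint = {
    S3: { service: ec2.GatewayVpcEndpointAwsService.S3 },
  };

  this.ProductionVpc = new ec2.Vpc(this, 'Production', {
    cidr: '10.50.0.0/16',
    maxAzs: 2,
    natGateways: 1,
    subnetConfiguration: threeTierSubnets(),
    gatewayEndpoints: s3GatewayEndpoint,
  });

  this.DevelopmentVpc = new ec2.Vpc(this, 'Development', {
    cidr: '10.60.0.0/16',
    maxAzs: 2,
    natGateways: 1,
    subnetConfiguration: threeTierSubnets(),
    gatewayEndpoints: s3GatewayEndpoint,
  });

  // The VPC-provided DNS resolver lives at the network address plus two
  // (10.70.0.2 for 10.70.0.0/16); derive it from the CIDR so the two values
  // cannot drift apart if the range is changed.
  const managementCidr = '10.70.0.0/16';
  const [managementNetwork] = managementCidr.split('/');
  const [o1, o2, o3, o4] = managementNetwork.split('.');
  this.ManagementVpcDnsIp = `${o1}.${o2}.${o3}.${Number(o4) + 2}`;

  // Management has no isolated tier — only a public and a private subnet.
  this.ManagementVPC = new ec2.Vpc(this, 'Management', {
    cidr: managementCidr,
    maxAzs: 2,
    natGateways: 1,
    subnetConfiguration: [
      { cidrMask: subnetMask, name: 'DMZ', subnetType: ec2.SubnetType.PUBLIC },
      { cidrMask: subnetMask, name: 'Application', subnetType: ec2.SubnetType.PRIVATE },
    ],
  });

  // Peering alone carries no traffic; every subnet that should talk across
  // the peering needs an explicit route in both directions (added below).
  const mgmtToProductionPeering = new ec2.CfnVPCPeeringConnection(this, 'ManagementToProductionPeering', {
    vpcId: this.ManagementVPC.vpcId,
    peerVpcId: this.ProductionVpc.vpcId,
  });
  const mgmtToDevPeering = new ec2.CfnVPCPeeringConnection(this, 'ManagementToDevelopmentPeering', {
    vpcId: this.ManagementVPC.vpcId,
    peerVpcId: this.DevelopmentVpc.vpcId,
  });

  const publicSubnetSelection = { subnetType: ec2.SubnetType.PUBLIC };
  const privateSubnetSelection = { subnetType: ec2.SubnetType.PRIVATE };
  const isolatedSubnetSelection = { subnetType: ec2.SubnetType.ISOLATED };

  // Management <-> Dev: Development's isolated (Database) subnets are
  // reachable from Management as well.
  this.createRoutesForSubnetClass(`mgmtPublicToDev`, this.ManagementVPC, publicSubnetSelection, this.DevelopmentVpc, mgmtToDevPeering);
  this.createRoutesForSubnetClass(`mgmtPrivateToDev`, this.ManagementVPC, privateSubnetSelection, this.DevelopmentVpc, mgmtToDevPeering);
  this.createRoutesForSubnetClass(`devPublicToMgmt`, this.DevelopmentVpc, publicSubnetSelection, this.ManagementVPC, mgmtToDevPeering);
  this.createRoutesForSubnetClass(`devPrivateToMgmt`, this.DevelopmentVpc, privateSubnetSelection, this.ManagementVPC, mgmtToDevPeering);
  this.createRoutesForSubnetClass(`devIsolatedToMgmt`, this.DevelopmentVpc, isolatedSubnetSelection, this.ManagementVPC, mgmtToDevPeering);

  // Management <-> Prod: no route is installed for Production's isolated
  // (Database) subnets, so they stay unreachable from Management over the
  // peering. NOTE(review): this is asymmetric with Development — confirm it
  // is intended rather than an omission.
  this.createRoutesForSubnetClass(`mgmtPublicToProd`, this.ManagementVPC, publicSubnetSelection, this.ProductionVpc, mgmtToProductionPeering);
  this.createRoutesForSubnetClass(`mgmtPrivateToProd`, this.ManagementVPC, privateSubnetSelection, this.ProductionVpc, mgmtToProductionPeering);
  this.createRoutesForSubnetClass(`prodPublicToMgmt`, this.ProductionVpc, publicSubnetSelection, this.ManagementVPC, mgmtToProductionPeering);
  this.createRoutesForSubnetClass(`prodPrivateToMgmt`, this.ProductionVpc, privateSubnetSelection, this.ManagementVPC, mgmtToProductionPeering);
}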