add blueprint

adding readme

modifying readme

further readme

updating readme

adding the readme

underscores

description more info

new value

update stuff

next commit

change

update

finishing touches

README.md

@@ -0,0 +1,64 @@
+
+# VPC-Scenario2
+
+Amazon's [VPC Scenario 2](https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html) is the classic network architecture. It can support public-facing and private components.
+
+### Resources Created
+
+  * A `vpc`.
+  * An `internet_gateway`.
+  * A `public_subnet`.
+  * A `private_subnet`.
+  * A `public_subnet_routetable`.
+  * A `private_subnet_routetable`.
+  * A `route_public_subnet_internet_gateway`.
+  * A `nat_gateway_ip` - created with the `update-blueprint.yaml`.
+  * A `nat_gateway` - created with the `update-blueprint.yaml`.
+  * A `route_private_subnet_nat_gateway` - created with the `update-blueprint.yaml`.
+
+
+## Compatibility
+
+Tested with:
+  * Cloudify 4.2
+
+
+## Pre-installation steps
+
+Upload the required plugins:
+
+  * [AWSSDK Plugin](https://github.com/cloudify-incubator/cloudify-awssdk-plugin/releases).
+
+_Check the blueprint for the exact version of the plugin._
+
+
+If you do not provide your own `deployment inputs` below, you must add these secrets to your Cloudify Manager `tenant`:
+
+  * aws_access_key_id
+  * aws_secret_access_key
+  * ec2_region_name, such as `us-east-1`.
+  * ec2_region_endpoint, such as `ec2.us-east-1.amazonaws.com`.
+  * availability_zone, such as `us-east-1c`.
+
+
+## Installation
+
+On your Cloudify Manager, navigate to `Local Blueprints` select `Upload`.
+
+[Right-click and copy URL](https://github.com/cloudify-examples/vpc-scenario2-blueprint/archive/master.zip). Paste where it says `Enter blueprint url`. Provide a blueprint name, such as `aws-vpc-scenario2` in the field labeled `blueprint name`. Select `simple-blueprint.yaml` from `Blueprint filename` menu.
+
+After the new blueprint has been created, click the `Deploy` button.
+
+Navigate to `Deployments`, find your new deployment, select `Install` from the `workflow`'s menu. At this stage, you may provide your own values for any of the default `deployment inputs`.
+
+
+## Update Deployment
+
+In order to provide outbound internet access to the private subnet, you can update the deployment.
+
+Navigate to `Deployments`, find your deployment, click on it. Once the deployment's page has loaded, click the `Update Deployment` button. [Right-click and copy URL](https://github.com/cloudify-examples/vpc-scenario2-blueprint/archive/master.zip). Paste where it says `Enter new blueprint url`. This time, select `update-blueprint.yaml` from `Blueprint filename` menu.
+
+
+## Uninstallation
+
+Navigate to the deployment and select `Uninstall`. When the uninstall workflow is finished, select `Delete deployment`.

simple-blueprint.yaml

@@ -0,0 +1,145 @@
+tosca_definitions_version: cloudify_dsl_1_3
+
+description: >
+  Create an AWS VPC based on the Scenario 2 design.
+
+imports:
+  - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml
+  - http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.1/plugin.yaml
+
+inputs:
+
+  aws_access_key_id:
+    description: YOUR AWS ACCESS KEY ID
+    default: { get_secret: aws_access_key_id }
+
+  aws_secret_access_key:
+    description: YOUR AWS SECRET ACCESS KEY
+    default: { get_secret: aws_secret_access_key }
+
+  ec2_region_name:
+    default: { get_secret: ec2_region_name }
+
+  ec2_region_endpoint:
+    default: { get_secret: ec2_region_endpoint }
+
+  availability_zone:
+    default: { get_secret: availability_zone }
+
+  vpc_cidr:
+    default: 10.10.0.0/16
+
+  public_subnet_cidr:
+    default: 10.10.0.0/24
+
+  private_subnet_cidr:
+    default: 10.10.1.0/24
+
+dsl_definitions:
+
+  aws_config: &client_config
+    aws_access_key_id: { get_input: aws_access_key_id }
+    aws_secret_access_key: { get_input: aws_secret_access_key }
+    region_name: { get_input: ec2_region_name }
+
+node_templates:
+
+  vpc:
+    type: cloudify.nodes.aws.ec2.Vpc
+    properties:
+      resource_config:
+        kwargs:
+          CidrBlock: { get_input: vpc_cidr }
+      client_config: *client_config
+
+  internet_gateway:
+    type: cloudify.nodes.aws.ec2.InternetGateway
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.connected_to
+      target: vpc
+
+  public_subnet:
+    type: cloudify.nodes.aws.ec2.Subnet
+    properties:
+      resource_config:
+        kwargs:
+          CidrBlock: { get_input: public_subnet_cidr }
+          AvailabilityZone: { get_input: availability_zone }
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.depends_on
+      target: vpc
+    - type: cloudify.relationships.depends_on
+      target: internet_gateway
+
+  private_subnet:
+    type: cloudify.nodes.aws.ec2.Subnet
+    properties:
+      resource_config:
+        kwargs:
+          CidrBlock: { get_input: private_subnet_cidr }
+          AvailabilityZone: { get_input: availability_zone }
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.depends_on
+      target: vpc
+    - type: cloudify.relationships.depends_on
+      target: internet_gateway
+
+  public_subnet_routetable:
+    type: cloudify.nodes.aws.ec2.RouteTable
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: vpc
+    - type: cloudify.relationships.connected_to
+      target: public_subnet
+
+  private_subnet_routetable:
+    type: cloudify.nodes.aws.ec2.RouteTable
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: vpc
+    - type: cloudify.relationships.connected_to
+      target: private_subnet
+
+  route_public_subnet_internet_gateway:
+    type: cloudify.nodes.aws.ec2.Route
+    properties:
+      resource_config:
+        kwargs:
+          DestinationCidrBlock: '0.0.0.0/0'
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: public_subnet_routetable
+    - type: cloudify.relationships.connected_to
+      target: internet_gateway
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        stop: {}
+
+outputs:
+
+  vpc_id:
+    value: { get_attribute: [ vpc, aws_resource_id ] }
+
+  public_subnet_id:
+    value: { get_attribute: [ public_subnet, aws_resource_id ] }
+
+  private_subnet_id:
+    value: { get_attribute: [ private_subnet, aws_resource_id ] }
+
+  ec2_region_name:
+    value: { get_input: ec2_region_name }
+
+  ec2_region_endpoint:
+    value: { get_input: ec2_region_endpoint }
+
+  availability_zone:
+    value: { get_input: availability_zone }

update-blueprint.yaml

@@ -0,0 +1,182 @@
+tosca_definitions_version: cloudify_dsl_1_3
+
+description: >
+  Create an AWS VPC based on the Scenario 2 design.
+
+imports:
+  - http://www.getcloudify.org/spec/cloudify/4.2/types.yaml
+  - http://www.getcloudify.org/spec/awssdk-plugin/1.2.0.1/plugin.yaml
+
+inputs:
+
+  aws_access_key_id:
+    description: YOUR AWS ACCESS KEY ID
+    default: { get_secret: aws_access_key_id }
+
+  aws_secret_access_key:
+    description: YOUR AWS SECRET ACCESS KEY
+    default: { get_secret: aws_secret_access_key }
+
+  ec2_region_name:
+    default: { get_secret: ec2_region_name }
+
+  ec2_region_endpoint:
+    default: { get_secret: ec2_region_endpoint }
+
+  availability_zone:
+    default: { get_secret: availability_zone }
+
+  vpc_cidr:
+    default: 10.10.0.0/16
+
+  public_subnet_cidr:
+    default: 10.10.0.0/24
+
+  private_subnet_cidr:
+    default: 10.10.1.0/24
+
+dsl_definitions:
+
+  aws_config: &client_config
+    aws_access_key_id: { get_input: aws_access_key_id }
+    aws_secret_access_key: { get_input: aws_secret_access_key }
+    region_name: { get_input: ec2_region_name }
+
+node_templates:
+
+  vpc:
+    type: cloudify.nodes.aws.ec2.Vpc
+    properties:
+      resource_config:
+        kwargs:
+          CidrBlock: { get_input: vpc_cidr }
+      client_config: *client_config
+
+  internet_gateway:
+    type: cloudify.nodes.aws.ec2.InternetGateway
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.connected_to
+      target: vpc
+
+  public_subnet:
+    type: cloudify.nodes.aws.ec2.Subnet
+    properties:
+      resource_config:
+        kwargs:
+          CidrBlock: { get_input: public_subnet_cidr }
+          AvailabilityZone: { get_input: availability_zone }
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.depends_on
+      target: vpc
+    - type: cloudify.relationships.depends_on
+      target: internet_gateway
+
+  private_subnet:
+    type: cloudify.nodes.aws.ec2.Subnet
+    properties:
+      resource_config:
+        kwargs:
+          CidrBlock: { get_input: private_subnet_cidr }
+          AvailabilityZone: { get_input: availability_zone }
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.depends_on
+      target: vpc
+    - type: cloudify.relationships.depends_on
+      target: internet_gateway
+
+  public_subnet_routetable:
+    type: cloudify.nodes.aws.ec2.RouteTable
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: vpc
+    - type: cloudify.relationships.connected_to
+      target: public_subnet
+
+  private_subnet_routetable:
+    type: cloudify.nodes.aws.ec2.RouteTable
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: vpc
+    - type: cloudify.relationships.connected_to
+      target: private_subnet
+
+  route_public_subnet_internet_gateway:
+    type: cloudify.nodes.aws.ec2.Route
+    properties:
+      resource_config:
+        kwargs:
+          DestinationCidrBlock: '0.0.0.0/0'
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: public_subnet_routetable
+    - type: cloudify.relationships.connected_to
+      target: internet_gateway
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        stop: {}
+
+  nat_gateway_ip:
+    type: cloudify.nodes.aws.ec2.ElasticIP
+    properties:
+      resource_config:
+        kwargs:
+          Domain: 'vpc'
+      client_config: *client_config
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        stop: {}
+
+  nat_gateway:
+    type: cloudify.nodes.aws.ec2.NATGateway
+    properties:
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.depends_on
+      target: public_subnet
+    - type: cloudify.relationships.depends_on
+      target: nat_gateway_ip
+
+  route_private_subnet_nat_gateway:
+    type: cloudify.nodes.aws.ec2.Route
+    properties:
+      resource_config:
+        kwargs:
+          DestinationCidrBlock: '0.0.0.0/0'
+      client_config: *client_config
+    relationships:
+    - type: cloudify.relationships.contained_in
+      target: private_subnet_routetable
+    - type: cloudify.relationships.connected_to
+      target: nat_gateway
+    interfaces:
+      cloudify.interfaces.lifecycle:
+        stop: {}
+
+outputs:
+
+  vpc_id:
+    value: { get_attribute: [ vpc, aws_resource_id ] }
+
+  public_subnet_id:
+    value: { get_attribute: [ public_subnet, aws_resource_id ] }
+
+  private_subnet_id:
+    value: { get_attribute: [ private_subnet, aws_resource_id ] }
+
+  ec2_region_name:
+    value: { get_input: ec2_region_name }
+
+  ec2_region_endpoint:
+    value: { get_input: ec2_region_endpoint }
+
+  availability_zone:
+    value: { get_input: availability_zone }