Simple VPC Deployment | Build & Deploy

[ajhool]

The purpose of this ticket is to deploy a simple initial VPC with Pulumi that contains basic resources in a single AZ. This deployment will not be configurable or accept parameters. It should shake out any issues with this pattern. It should

• [x] VPC
  • [x] Name
  • [x] cidrBlock
  • [x] Deployed
• [x] Public Subnet
  • [x] Name
  • [x] cidrBlock
  • [x] Deployed
• [x] Private Subnet
  • [x] Name
  • [x] cidrBlock
  • [x] vpcId
  • [x] Deployed
• [x] Internet Gateway
  • [x] Name
  • [x] vpcId
  • [x] InternetGatewayVPCAttachment
  • [x] vpcId
  • [x] InternetGatewayId
  • [x] Deployed
  • [x] Deployed
• [x] Nat Gateway
  • [x] subnetId (Public subnet)
  • [x] Elastic IP address
  • [x] Deployed
  • [x] allocationId
  • [x] Deployed
• [x] Public Subnet Routing
  • [x] RouteTable
  • [x] name
  • [x] vpcId
  • [x] deployed
  • [x] Route
  • [x] name
  • [x] vpcId
  • [x] destinationCidrBlock
  • [x] internetGatewayId
  • [x] deployed
  • [x] SubnetRouteTableAssociation
  • [x] name
  • [x] SubnetId
  • [x] RouteTableId
  • [x] deployed
• [x] Private Subnet Routing
  • [x] RouteTable
  • [x] name
  • [x] vpcId
  • [x] deployed
  • [x] Route
  • [x] name
  • [x] vpcId
  • [x] destinationCidrBlock
  • [x] natGatewayId
  • [x] deployed
  • [x] SubnetRouteTableAssociation
  • [x] name
  • [x] SubnetId
  • [x] RouteTableId
  • [x] deployed
• [x] Network ACL
  • [x] PrivateSubnetNetworkACL
  • [x] VPC
  • [x] Name
  • [x] Network -> NACL Protected
  • [x] Deployed
  • [x] Private Subnet Network ACL Entry Inbound
  • [x] Metadata: What does this do? cfn_nag: rules_to_suppress:
    • id: W66 reason: "(W66) To avoid opening all ports for Allow rules, EC2 NetworkACL Entry Protocol should be either 6 (for TCP), 17 (for UDP), 1 (for ICMP), or 58 (for ICMPv6, which must include an IPv6 CIDR block, ICMP type, and code)."
      • [x] CidrBlock: '0.0.0.0/0'
      • [x] Egress: false
      • [x] NetworkAclId: !Ref 'PrivateSubnet1BNetworkAcl'
      • [x] Protocol: -1
      • [x] RuleAction: allow
      • [x] RuleNumber: 100
  • [x] PrivateSubneNetworkAclEntryOutbound:
  • [x] What does this do? Metadata: cfn_nag: rules_to_suppress:
    • id: W66 reason: "(W66) To avoid opening all ports for Allow rules, EC2 NetworkACL Entry Protocol should be either 6 (for TCP), 17 (for UDP), 1 (for ICMP), or 58 (for ICMPv6, which must include an IPv6 CIDR block, ICMP type, and code)."
  • [x] CidrBlock: '0.0.0.0/0'
  • [x] Egress: true
  • [x] NetworkAclId: !Ref 'PrivateSubnet1BNetworkAcl'
  • [x] Protocol: -1
  • [x] RuleAction: allow
  • [x] RuleNumber: 100 -[ ] PrivateSubnet1BNetworkAclAssociation:
    • [x] SubnetId
    • [x] NetworkAclId

[ajhool]

Merged in #10