CloudFormation - create subnets based on parameter value?

Question

Hi,

Is it possible to create subnets based on parameter value? Like if I in parameters in a console set 2. It will create 2 subnets, if 3 - 3 subnets.

Thanks

Accepted Answer

Or if you would prefer barebones sample that deploys a VPC with subnet on selected AZs here is how you can do that with ForEach -function.

```
AWSTemplateFormatVersion: 2010-09-09
Transform: 'AWS::LanguageExtensions'
Description:  Simple VPC with 1, 2 or 3 subnets

Parameters:
  AZs:
    Type: CommaDelimitedList
    Default: "a, b, c"

Mappings:
     
  Network:
    CIDR:
      VPC: 10.0.0.0/23
      SubnetBits: 7

AZ:
    a:
      index: 0
    b:
      index: 1
    c:
      index: 2
  
Resources:

VPC:
    Type: AWS::EC2::VPC
    Properties:
         CidrBlock: !FindInMap [ Network, CIDR, VPC]

'Fn::ForEach::Network':
  - X
  - !Ref AZs
  - Subnet${X}:
      Type: AWS::EC2::Subnet
      Properties:
        VpcId: !Ref VPC
        AvailabilityZone: !Sub '${AWS::Region}${X}'
        CidrBlock: !Select [ !FindInMap [ AZ, !Ref X, index ], !Cidr [ !FindInMap [ Network, CIDR, VPC ], 4, !FindInMap [ Network, CIDR, SubnetBits ] ] ]
```

Answer

Hi,

Unfortunately, no you cannot control the number of subnets you create by specifying number as a parameter. 
You can control the count by the number of times you define a resource  based on the`Type: AWS::EC2::Subnet`.
e.g. Create 2 resources with `Type: AWS::EC2::Subnet` twice instead of 3 times.

Answer

Hi, the closest way to achieve ( what you want is with `Fn::ForEach`

See example re. subnets on https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-foreach-example-resource.html

Go the page to see how the below is transformed

```
AWSTemplateFormatVersion: 2010-09-09
Transform: 'AWS::LanguageExtensions'
Resources:
  VPC:
    Type: 'AWS::EC2::VPC'
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: 'true'
      EnableDnsHostnames: 'true'
  'Fn::ForEach::SubnetResources':
  - Prefix
  - [Transit, Public]
  - 'Nacl${Prefix}Subnet':
      Type: 'AWS::EC2::NetworkAcl'
      Properties:
        VpcId: !Ref 'VPC'
    'Fn::ForEach::LoopInner':
    - Suffix
    - [A, B, C]
    - '${Prefix}Subnet${Suffix}':
        Type: 'AWS::EC2::Subnet'
        Properties:
          VpcId: !Ref 'VPC'
      'Nacl${Prefix}Subnet${Suffix}Association':
        Type: 'AWS::EC2::SubnetNetworkAclAssociation'
        Properties:
          SubnetId: !Ref
            'Fn::Sub': '${Prefix}Subnet${Suffix}'
          NetworkAclId: !Ref
            'Fn::Sub': 'Nacl${Prefix}Subnet'
```

The refereence documentation re ForEach: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-foreach.html

Best,

Didier

Answer

You can do this with [Conditions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html).
Below is an example of VPC template where you can enable not just AZs but layers (public, private, internal) as well, using Conditions logic. Parameters are bit more complex than just one number, 2 or 3, but you will get the idea.

https://github.com/kallu/agile-aws-vpc

Here is also a blog post https://carriagereturn.nl/aws/vpc/network/nat/2021/06/15/agile-networking.html to explain the logic why I build such a construct.

CloudFormation - create subnets based on parameter value?

相關內容