[英]How to use existing VPC in AWS CloudFormation template for new SecurityGroup
我正在嘗試 EC2 實例(新)、安全組(新)和 VPC(現有)。 這是我的 cloudformation 模板。
當我在 Stack 中運行模板時,出現錯誤,因為*"Value () for parameter groupId is invalid. The value cannot be empty"* 。 如何解決這個問題?
模板:
Parameters:
VPCID:
Description: Name of an existing VPC
Type: AWS::EC2::VPC::Id
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription: must be the name of an existing EC2 KeyPair.
InstanceType:
Description: EC2 instance type
Type: String
Default: t2.medium
AllowedValues:
- t2.medium
- t2.large
AccessLocation:
Description: The IP address range that can be used to access to the EC2 instances
Type: String
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType: !Ref 'InstanceType'
SecurityGroups:
- !Ref 'InstanceSecurityGroup'
KeyName: !Ref 'KeyName'
ImageId: !Ref 'ImageId'
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref VPCID
GroupDescription: Enable SSH
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: !Ref 'AccessLocation'
SecurityGroups只能用於默認 VPC 。 由於您將VPCID顯式分配給InstanceSecurityGroup ,因此這將被視為非默認值,從而導致部署失敗。
您必須在您的情況下使用SecurityGroupIds (不是SecurityGroups ),因為您的 VPC 使用將被視為非默認:
SecurityGroupIds:
- !GetAtt 'InstanceSecurityGroup.GroupId'
SecurityGroups屬性中的EC2Instance資源中的錯誤。 SecurityGroups需要一個GroupId數組,但是當您使用!Ref InstanceSecurityGroup這將返回ResourceId 。 因此,您需要使用GetAtt來獲取GroupId 。
Parameters:
VPCID:
Description: Name of an existing VPC
Type: AWS::EC2::VPC::Id
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription: must be the name of an existing EC2 KeyPair.
InstanceType:
Description: EC2 instance type
Type: String
Default: t2.medium
AllowedValues:
- t2.medium
- t2.large
AccessLocation:
Description: The IP address range that can be used to access to the EC2 instances
Type: String
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType: !Ref 'InstanceType'
SecurityGroups:
- !GetAtt InstanceSecurityGroup.GroupId
KeyName: !Ref 'KeyName'
ImageId: !Ref 'ImageId'
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref VPCID
GroupDescription: Enable SSH
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: !Ref 'AccessLocation'
Cloudformation“ AWS :: EC2 :: SecurityGroup”對象,原因“此用戶無默認VPC”
[英]Cloudformation “AWS::EC2::SecurityGroup” object with the Reason “No default VPC for this user”
從VPC內的另一個雲形成模板引用SecurityGroup
[英]Reference SecurityGroup from another cloudformation template inside VPC
如何將對現有 VPC 的引用傳遞給 cloudformation 模板?
[英]how to pass reference to existing VPC to a cloudformation template?
AWS CloudFormation:如何在cloudformation模板中引用默認/主路由表(在創建VPC時創建)?
[英]AWS CloudFormation: how do I refer to the default/main route table (that is created when a VPC is created) in a cloudformation template?
AWS CloudFormation 在創建或部署新模板時重用現有資源
[英]AWS CloudFormation reusing the existing resource when creating or deploying new template
AWS CloudFormation:SecurityGroup指的是另一個安全組
[英]AWS CloudFormation: SecurityGroup refers to another security group
AWS Cloudformation!Ref SecurityGroup返回無效的ID
[英]AWS Cloudformation !Ref SecurityGroup returns an invalid ID
在 CloudFormation 模板中使用現有的 Elastic IP 而不是生成新的?
[英]Use an existing Elastic IP in CloudFormation template instead of generating a new one?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.