Amazon-Web-Services

添加現有安全組 CloudFormation EC2 模板

  • September 25, 2019

如何在 CloudFormation 模板中引用現有的 EC2 安全組,而不必設置入口和出口規則?

  Resources:
     EC2Instance:
       Type: AWS::EC2::Instance
       Properties:
         InstanceType:
           Ref: InstanceType
         SecurityGroups:
         - Ref: InstanceSecurityGroup
         KeyName:
           Ref: KeyName
         ImageId:
           Fn::FindInMap:
           - AWSRegionArch2AMI
           - Ref: AWS::Region
           - Fn::FindInMap:
             - AWSInstanceType2Arch
             - Ref: InstanceType
             - Arch
     InstanceSecurityGroup:
       Type: AWS::EC2::SecurityGroup
       Properties:
         GroupDescription: Existing Groups
         SecurityGroupIds:
         - Ref: sg-12345
         - Ref: sg-12312

 SecurityGroupIngress:
 - IpProtocol: tcp
   FromPort: 80
   ToPort: 80
   CidrIp: 0.0.0.0/0
 SecurityGroupEgress:
 - IpProtocol: tcp
   FromPort: 80
   ToPort: 80
   CidrIp: 0.0.0.0/0

為此,您只需將它們直接添加到 SecurityGroupIds 下的 EC2 資源屬性中:

Resources:
   EC2Instance:
       Type: AWS::EC2::Instance
       Properties:
           InstanceType:
               Ref: InstanceType
           SecurityGroupIds:
             - sg-12345
             - sg-12312
           KeyName: 
               Ref: KeyName
           ImageId: 
               Fn::FindInMap:
               - AWSRegionArch2AMI
               - Ref: AWS::Region
               - Fn::FindInMap:
                 - AWSInstanceType2Arch
                 - Ref: InstanceType
                 - Arch

引用自:https://serverfault.com/questions/985490

相關問答

Amazon-Ec2

AWS CloudFormation:VPC 預設安全組

  • December 8, 2020
檢視問答
Amazon-Web-Services

CWAgent 磁碟空間警報

  • June 10, 2020
檢視問答
Amazon-Web-Services

使用 CloudFormation 創建 EC2 實例和卷

  • May 28, 2020
檢視問答
Amazon-Ec2

Amazon Cloud Formation:從 S3 儲存桶導入文件

  • October 8, 2019
檢視問答
Amazon-Ec2

如何使用 cloudformation 模板在 ECR 上拉取 docker 鏡像

  • August 9, 2019
檢視問答
Amazon-Ec2

Amazon CloudFormation:如何獲取特定子網的 ELB 私有 IP?

  • July 26, 2019
檢視問答