如何将EC2实例自动添加到现有安全组，弹性IP和VPC？

Question

我为我的图像（AMI）中的新实例创建了新模板(*.json- see ettach)。

如何将实例自动添加到现有的安全组，弹性ip和VPC？

感谢

{ 
"AWSTemplateFormatVersion": "2010-09-09", 
"Description": "Ec2 block device mapping", 
"Resources": { 
    "MyEC2Instance": { 
     "Type": "AWS::EC2::Instance", 
     "Properties": { 
      "ImageId": "ami-1ff5111", 
      "AvailabilityZone": "us-west-1a", 
      "KeyName": "Test", 
      "Tags": [{ 
       "Key": "Name", 
       "Value": "RoiTest" 
      }] 
     } 
    }, 

Answer 1

的CloudFormation User Guide的Resource Types Reference section是一个很好的起点，以寻找细节，比如你问的人。具体来说，您应该查看AWS:EC2:Instance和AWS::EC2::EIPAssociation参考。

要将EC2实例与VPC安全组关联，请添加SecurityGroupIds属性。要在VPC内部创建实例，您实际上必须定义其子网（它又与VPC关联），因此您需要添加SubnetId属性。最后，将弹性IP与创建EIP关联资源的实例相关联。

这是你的模板将是什么样子：

{ 
    "AWSTemplateFormatVersion": "2010-09-09", 
    "Description": "Ec2 block device mapping", 
    "Resources": { 
    "MyEC2Instance": { 
     "Type": "AWS::EC2::Instance", 
     "Properties": { 
     "ImageId": "ami-1ff5111", 
     "AvailabilityZone": "us-west-1a", 
     "SubnetId": "<your existing subnet id here>", 
     "SecurityGroupIds": [ "<your existing security group id here>" ], 
     "KeyName": "Test", 
     "Tags": [{ 
      "Key": "Name", 
      "Value": "RoiTest" 
     }] 
     } 
    }, 
    "MyEIPAssociation": { 
     "Type": "AWS::EC2::EIPAssociation", 
     "Properties": { 
     "AllocationId": "<your existing elastic IP allocation id here>", 
     "InstanceId": { "Ref": "MyEC2Instance" } 
     } 
    }, 
    ... (other resources in your template) 
    } 
} 

这可能是指向该SecurityGroupIds属性值是一个数组有用的，所以你可以有多个安全组的实例。