I want to use an existing security group in a CloudFormation template. Now I have a template that creates 2 SGs:
"InstanceMember1": {
    "Type": "AWS::EC2::Instance",
    "Properties": {
        "SubnetId": {
            "Ref": "privateSubnetA"
        },
        "SecurityGroupIds": [
            {
                "Ref": "MongoSg"
            },
            {
                "Ref": "mongoTrafficSG"
            }
        ]
    }
},
"MongoSg": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {
        "GroupDescription": "MongoDB security group",
        "SecurityGroupIngress": [
            {
                "IpProtocol": "tcp",
                "FromPort": "22",
                "ToPort": "22",
                "SourceSecurityGroupId": {
                    "Ref": "bastionSG"
                }
            }
        ],
        "VpcId": "%%vpc-id%%"
    }
}
Now I want to add an existing security group ID to the instance. Any advice?
Create a stack from existing resources using the AWS Management Console. Sign in to the AWS Management Console and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation. On the Stacks page, choose Create stack, and then choose With existing resources (import resources).
AWS CloudFormation updates the resource without disrupting operation of that resource and without changing the resource's physical ID. For example, if you update certain properties on an AWS::CloudTrail::Trail resource, AWS CloudFormation updates the trail without disruption.
A security group can be used only in the VPC for which it is created. For information about the permissions required to create security groups and manage security group rules, see Manage security groups and Manage security group rules.
You can just go ahead and specify the security group name: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html#cfn-ec2-instance-securitygroups
"InstanceMember1": {
    "Type": "AWS::EC2::Instance",
    "Properties": {
        "SubnetId": {
            "Ref": "privateSubnetA"
        },
        "SecurityGroups": [ "mysuperawesomealreadyexistinggroup" ]
    }
}
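An added example, not part of the original question or answer: the AWS::EC2::Instance documentation accepts group names in SecurityGroups only for the default VPC, so for an instance placed in a subnet of a nondefault VPC the existing groups are attached by ID through SecurityGroupIds. Typing the parameters as AWS::EC2::SecurityGroup::Id makes CloudFormation reject a value that is not a real group in the account and region before anything is created. The parameter names (ExistingSecurityGroupId, BastionSecurityGroupId, VpcId, PrivateSubnetAId, AmiId) and the instance type are assumptions; MongoSg and InstanceMember1 come from the question.

```json
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": {
    "ExistingSecurityGroupId": {
      "Type": "AWS::EC2::SecurityGroup::Id",
      "Description": "Assumed name (example): existing group to attach to the instance"
    },
    "BastionSecurityGroupId": {
      "Type": "AWS::EC2::SecurityGroup::Id",
      "Description": "Assumed name (example): existing bastion group allowed to SSH in"
    },
    "VpcId": { "Type": "AWS::EC2::VPC::Id" },
    "PrivateSubnetAId": { "Type": "AWS::EC2::Subnet::Id" },
    "AmiId": { "Type": "AWS::EC2::Image::Id" }
  },
  "Resources": {
    "MongoSg": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "MongoDB security group",
        "VpcId": { "Ref": "VpcId" },
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "SourceSecurityGroupId": { "Ref": "BastionSecurityGroupId" }
          }
        ]
      }
    },
    "InstanceMember1": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "ImageId": { "Ref": "AmiId" },
        "InstanceType": "t3.micro",
        "SubnetId": { "Ref": "PrivateSubnetAId" },
        "SecurityGroupIds": [
          { "Ref": "MongoSg" },
          { "Ref": "ExistingSecurityGroupId" }
        ]
      }
    }
  }
}
```

All groups listed in SecurityGroupIds must belong to the same VPC as the subnet, since a security group can be used only in the VPC for which it was created.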