Menu
Currently, our AWS infrastructure has many instances which are attached to security groups, which I created in the console.
We are re-structuring our security groups with CloudFormation, thus we can have a comment and description in each rule.
My question is:
496
The key pair can either be imported or created by Amazon EC2, as follows: To import an existing key pair, include the PublicKeyMaterial property in the template. To create a new key pair, omit the PublicKeyMaterial property.
You can't.
Amazon CloudFormation templates can create resources, and those resources can refer to other resources within the same template. For example, you could create a Security Group and an Instance, and configure the Instance to use the Security Group. When making such references within the template, resources can be referenced by name (eg SecurityGroup1, Web Server).
If you wish resources within a CloudFormation to be associated with resources that already exist, you will need to refer to the external resource via its unique ID.
For example, it is possible to create an Amazon EC2 instance within a CloudFormation template, and refer to an existing security group.
However, your need is the reverse! You wish to modify an existing resource to point to a new resource. For example, modify an existing Instance to point to a new Security Group. This is not possible within a CloudFormation template, because it can only create resources and configure those resources -- it cannot modify resources outside of the template.
Logically, security groups need to exist before creating an Amazon EC2 instance since the instance links to the security groups.
Exporting to JSON
If you wish to export an existing resource to a CloudFormation template (eg export current Security Group definitions), you could use:
144
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
