How to add multiple security groups and group names in cloudformation using template?

amazon-web-services amazon-cloudformation aws-security-group
11,983

Yes, you can attach multiple Security Groups to an EC2 Instance when created using CloudFormation. Below is sample json to accomplish it. I have attached WebSubnetSG & AppSubnetSG to the EC2 Instance.

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Multiple Security Groups - Demo",
  "Resources" : {
  "VPC": {
      "Type": "AWS::EC2::VPC",
      "Properties": {
        "CidrBlock": "10.0.0.0/16" ,
        "Tags": [
          {
            "Key": "Name",
            "Value": "Multi Security Group"
          }
        ]
      }
    },
    "WebSubnet": {
      "Type": "AWS::EC2::Subnet",
      "Properties": {
        "VpcId": {
          "Ref": "VPC"
        },
        "CidrBlock": "10.0.10.0/24",
        "Tags": [
          {
            "Key": "Application",
            "Value": "Multi SG Subnet"
          }]
      }
    },
    "WebServerSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "SG for the Web Server",
        "VpcId": {
          "Ref": "VPC"
        },
        "SecurityGroupEgress": [
          {
            "IpProtocol": "-1",
            "CidrIp": "0.0.0.0/0"
          }
        ],
        "SecurityGroupIngress" : [
            {
            "IpProtocol": "tcp",
            "CidrIp": "0.0.0.0/0",
            "FromPort": "80",
            "ToPort": "80"
          },
          {
            "IpProtocol": "tcp",
            "CidrIp": "0.0.0.0/0",
            "FromPort": "443",
            "ToPort": "443"
          }
        ]
      }
    },
    "AppServerSGIngress": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {
        "GroupId": {
          "Ref": "AppServerSG"
        },
        "IpProtocol": "tcp",
        "CidrIp": "0.0.0.0/0",
        "FromPort" : "9090",
        "ToPort" : "9090"
      }
    },
    "AppServerSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "SG for the App Server",
        "VpcId": {
          "Ref": "VPC"
        },
        "SecurityGroupEgress": [
          {
            "IpProtocol": "-1",
            "CidrIp": "0.0.0.0/0"
          }
        ],
        "SecurityGroupIngress" : [
            {
            "IpProtocol": "tcp",
            "CidrIp": "0.0.0.0/0",
            "FromPort": "8080",
            "ToPort": "8080"
          }
        ]
      }
    },
    
    "MultiSGInstance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "ImageId": "ami-12345678",
        "KeyName": "your-key-pair",
        "SecurityGroupIds": [
          {
            "Ref": "WebServerSG"
          },
          {
            "Ref": "AppServerSG"
          }
        ],
        "InstanceType": "t2.micro",
        "SubnetId": {
          "Ref": "WebSubnet"
        },
        "Tags": [
          {
            "Key": "Name",
            "Value": "MultiSG"
          }
        ]
      }
    }
  },
  "Outputs" : {}
 }
Share:
11,983
shas
Author by

shas

this website is very useful

Updated on August 03, 2022

Comments

  • shas
    shas over 1 year 
     "dbxSG": 
    {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": 
      {
        "GroupDescription": "Enable dbX Access",
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "22",
            "ToPort": "22",
            "CidrIp": "0.0.0.0/0"
          }
        ]
      }
    },
    "dbxSGIngress" : 
    {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": 
      {
        "GroupName": { "Ref": "dbxSG" },
        "IpProtocol": "tcp",
        "FromPort": "0",
        "ToPort": "65535",
        "SourceSecurityGroupName": { "Ref": "dbxSG" }
      }
    },

    How do I add multiple security group names in above json file? "dbxSG" name is referring in many times. I want to add one more security group with a new name. How do I add it?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Trying to pass parameters from Master to child template
AWS cloudformation error: Template validation error: Template error: resource NotificationsTopic does not support attribute type Arn in Fn::GetAtt
Create Nested If else in AWS Cloud Formation Template
Non-Windows instances with a virtualization type of 'hvm' are currently not supported for this instance type : [AWS Cloudformation]
AWS::CloudFormation::Init how does it work?
How to set DynamoDB Read/write capacity mode to On-demand on CloudFormation
How can I (securely) download a private S3 asset onto a new EC2 instance with cloudinit?
AWS Cloudformation - How to use If Else conditions
AWS cloudformation: One big template file or many small ones?
RDS with Cloud Formation and AZ issues