How to add multiple security groups and group names in cloudformation using template?
11,983
Yes, you can attach multiple Security Groups to an EC2 Instance when created using CloudFormation. Below is sample json to accomplish it. I have attached WebSubnetSG & AppSubnetSG to the EC2 Instance.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Multiple Security Groups - Demo",
"Resources" : {
"VPC": {
"Type": "AWS::EC2::VPC",
"Properties": {
"CidrBlock": "10.0.0.0/16" ,
"Tags": [
{
"Key": "Name",
"Value": "Multi Security Group"
}
]
}
},
"WebSubnet": {
"Type": "AWS::EC2::Subnet",
"Properties": {
"VpcId": {
"Ref": "VPC"
},
"CidrBlock": "10.0.10.0/24",
"Tags": [
{
"Key": "Application",
"Value": "Multi SG Subnet"
}]
}
},
"WebServerSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "SG for the Web Server",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
],
"SecurityGroupIngress" : [
{
"IpProtocol": "tcp",
"CidrIp": "0.0.0.0/0",
"FromPort": "80",
"ToPort": "80"
},
{
"IpProtocol": "tcp",
"CidrIp": "0.0.0.0/0",
"FromPort": "443",
"ToPort": "443"
}
]
}
},
"AppServerSGIngress": {
"Type": "AWS::EC2::SecurityGroupIngress",
"Properties": {
"GroupId": {
"Ref": "AppServerSG"
},
"IpProtocol": "tcp",
"CidrIp": "0.0.0.0/0",
"FromPort" : "9090",
"ToPort" : "9090"
}
},
"AppServerSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "SG for the App Server",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupEgress": [
{
"IpProtocol": "-1",
"CidrIp": "0.0.0.0/0"
}
],
"SecurityGroupIngress" : [
{
"IpProtocol": "tcp",
"CidrIp": "0.0.0.0/0",
"FromPort": "8080",
"ToPort": "8080"
}
]
}
},
"MultiSGInstance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"ImageId": "ami-12345678",
"KeyName": "your-key-pair",
"SecurityGroupIds": [
{
"Ref": "WebServerSG"
},
{
"Ref": "AppServerSG"
}
],
"InstanceType": "t2.micro",
"SubnetId": {
"Ref": "WebSubnet"
},
"Tags": [
{
"Key": "Name",
"Value": "MultiSG"
}
]
}
}
},
"Outputs" : {}
}
Comments
-
shas over 1 year
"dbxSG": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "Enable dbX Access", "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0" } ] } }, "dbxSGIngress" : { "Type": "AWS::EC2::SecurityGroupIngress", "Properties": { "GroupName": { "Ref": "dbxSG" }, "IpProtocol": "tcp", "FromPort": "0", "ToPort": "65535", "SourceSecurityGroupName": { "Ref": "dbxSG" } } },
How do I add multiple security group names in above json file? "dbxSG" name is referring in many times. I want to add one more security group with a new name. How do I add it?