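Problem description
I am learning to create stacks with CloudFormation templates, and I am trying to use a CloudFormation template to create an EC2 instance with a security group so that I can also SSH into it. My CloudFormation template is: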
{
  "Description": "Create an EC2 instance by AWS CloudFormation",
  "Resources": {
    "EC2instance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "AvailabilityZone": "us-east-1b",
        "ImageId": "ami-08e697937cb1d2fa0",
        "InstanceType": "t2.micro",
        "SubnetId": "subnet-f27e50aa",
        "KeyName": "DeepNewKP"
      }
    },
    "SecurityGroupDemoSvrTraffic": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupName": "sgDemoSvr",
        "SecurityGroupIngress": [
          {
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 22,
            "CidrIp": "115.110.123.22/32",
            "Description": "For traffic from Internet"
          }
        ],
        "GroupDescription": "Security Group for demo server",
        "VpcId": "vpc-ba7ef3dd"
      }
    }
  }
}
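The stack is created, but when I check the security group, I do not find the rule I specified there. As a result, I cannot SSH into the instance (I can SSH into it after adding the rule manually). I would like to know what I did wrong in the template.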
Solution
The only problem I see is that you did not attach the security group to the instance, so add the following to the EC2instance properties:
"SecurityGroupIds": [{"Ref": "SecurityGroupDemoSvrTraffic"}]
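
An added example (not part of the original answer): a small Python check that catches this misconfiguration in a template before deployment. It reports any AWS::EC2::Instance that sets no security group property (such an instance launches with the VPC's default security group) and any security group that nothing references. The sample template is a constructed, trimmed copy of the question's resources, and `audit` and `referenced_ids` are names chosen for this example.

```python
import json

# Constructed sample: the question's two resources, trimmed to the relevant properties.
TEMPLATE = json.loads("""{
  "Resources": {
    "EC2instance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {"InstanceType": "t2.micro", "KeyName": "DeepNewKP"}
    },
    "SecurityGroupDemoSvrTraffic": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {"GroupDescription": "Security Group for demo server"}
    }
  }
}""")

# Instance properties that can carry security groups.
SG_PROPS = ("SecurityGroupIds", "SecurityGroups", "NetworkInterfaces", "LaunchTemplate")

def referenced_ids(node):
    """Yield every logical ID reached through Ref or Fn::GetAtt below node."""
    if isinstance(node, dict):
        if isinstance(node.get("Ref"), str):
            yield node["Ref"]
        att = node.get("Fn::GetAtt")
        if att:
            yield att[0] if isinstance(att, list) else att.split(".")[0]
        for value in node.values():
            yield from referenced_ids(value)
    elif isinstance(node, list):
        for item in node:
            yield from referenced_ids(item)

def audit(template):
    """Return (instances without any security group property, groups nothing references)."""
    resources = template.get("Resources", {})
    groups = {n for n, r in resources.items() if r.get("Type") == "AWS::EC2::SecurityGroup"}
    bare, used = [], set()
    for name, res in resources.items():
        props = res.get("Properties", {})
        used |= groups & set(referenced_ids(props))
        if res.get("Type") == "AWS::EC2::Instance" and not any(p in props for p in SG_PROPS):
            bare.append(name)
    return bare, sorted(groups - used)

if __name__ == "__main__":
    print(audit(TEMPLATE))
```

After the `SecurityGroupIds` line from the answer is added to the instance, both lists come back empty.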