Using Parameters

Parameters: # <-- Beginning of Parameters
  SecurityGroupDescription: # <-- Name of parameter, can be anything
    Description: Security Group Description (Simple parameter)
    Type: String
  SecurityGroupPort:
    Description: Simple Description of a Number Parameter, with MinValue and MaxValue
    Type: Number
    MinValue: 1150
    MaxValue: 65535
  InstanceType:
    Description: WebServer EC2 instance type (has default, AllowedValues)
    Type: String
    Default: t2.small
    AllowedValues:
      - t1.micro
      - t2.nano
      - t2.micro
      - t2.small
    ConstraintDescription: must be a valid EC2 instance type.
  DBPwd:
    NoEcho: true
    Description: The database admin account password (won't be echoed)
    Type: String
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances. Linked to AWS Parameter
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
  SecurityGroupIngressCIDR:
    Description: The IP address range that can be used to communicate to the EC2 instances
    Type: String
    MinLength: '9'
    MaxLength: '18'
    # this default allows ingress from any IPv4 source address
    Default: 0.0.0.0/0
    # the pattern only checks the shape; it does not range-check octets or the prefix length
    AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
  MyVPC:
    Description: VPC to operate in
    Type: AWS::EC2::VPC::Id
  MySubnetIDs:
    Description: List of subnet IDs
    Type: "List<AWS::EC2::Subnet::Id>"
  DbSubnetIpBlocks:
    Description: "Comma-delimited list of three CIDR blocks"
    Type: CommaDelimitedList
    Default: "10.0.48.0/24, 10.0.112.0/24, 10.0.176.0/24"

Resources: # <-- Beginning of Resources
  MyEC2Instance:
    Type: "AWS::EC2::Instance"
    Properties:
      # we reference the InstanceType parameter
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyName
      ImageId: "ami-a4c7edb2"
      # here we reference an internal CloudFormation resource
      SubnetId: !Ref DbSubnet1

  MySecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: !Ref SecurityGroupDescription
      SecurityGroupIngress:
        - CidrIp: !Ref SecurityGroupIngressCIDR
          FromPort: !Ref SecurityGroupPort
          ToPort: !Ref SecurityGroupPort
          IpProtocol: tcp
      VpcId: !Ref MyVPC

  DbSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      # the select function allows us to select across a list
      CidrBlock: !Select [0, !Ref DbSubnetIpBlocks]
  DbSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      # the select function allows us to select across a list
      CidrBlock: !Select [1, !Ref DbSubnetIpBlocks]
  DbSubnet3:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      # the select function allows us to select across a list
      CidrBlock: !Select [2, !Ref DbSubnetIpBlocks]

Last updated 5 years ago


Pseudo parameters reference - AWS CloudFormation