AWS CloudFormation Exercise 2: EC2 Instance with S3 Access

Exercise 2: Cloud Formation Template for EC2 Instance with S3 Read access IAM role

In this exercise, we are going to create an EC2 instance with an S3 read access IAM role attached, using a CloudFormation template written in YAML format. For this exercise, we need to keep a few things ready.
1.   VPC (Default or Custom)
2.   Public Subnets
3.   Security Groups
4.   KeyPair
We are going to create the EC2 instance in the Mumbai Region (ap-south-1), so we have used the image ID “ami-0732b62d310b80e97”. We have already created a KeyPair separately to access our instance, the security group is configured with port 22 inbound, and the Availability Zone we are using here is ap-south-1a.

To get the stack template, save it to a server, say under the /opt directory.
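The exercise's template file itself is not reproduced on this page. As an added illustration (not the author's template), a minimal template consistent with the parameters and image ID used in this exercise could look like the following; the resource logical names, the AllowedValues list and the choice of the AmazonS3ReadOnlyAccess managed policy are assumptions.

```yaml
# Added illustration, not the exercise's own template file.
AWSTemplateFormatVersion: '2010-09-09'
Description: EC2 instance with an S3 read-only IAM role attached
Parameters:
  InstanceName: {Type: String, Default: WebServer}
  MyInstanceType:
    Type: String
    Default: t2.micro
    AllowedValues: [t2.micro, t2.small]  # assumed list behind the console dropdown
  MyKeyName: {Type: 'AWS::EC2::KeyPair::KeyName'}
  MyAvailabilityZone: {Type: 'AWS::EC2::AvailabilityZone::Name'}
  MySubnetId: {Type: 'AWS::EC2::Subnet::Id'}
  MySecurityGroups: {Type: 'List<AWS::EC2::SecurityGroup::Id>'}
Resources:
  S3ReadRole:                      # assumed logical name
    Type: AWS::IAM::Role           # IAM resource: the reason the stack needs CAPABILITY_IAM
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal: {Service: ec2.amazonaws.com}  # only EC2 may assume the role
            Action: sts:AssumeRole
      ManagedPolicyArns:
        # Grants read access to all buckets in the account. Replace with an inline
        # policy limited to one bucket ARN if the instance needs only that bucket.
        - arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
  S3ReadInstanceProfile:           # assumed logical name
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles:
        - !Ref S3ReadRole
  MyInstance:                      # assumed logical name
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-0732b62d310b80e97   # ap-south-1 image ID used in this exercise
      InstanceType: !Ref MyInstanceType
      KeyName: !Ref MyKeyName
      AvailabilityZone: !Ref MyAvailabilityZone
      SubnetId: !Ref MySubnetId
      SecurityGroupIds: !Ref MySecurityGroups
      IamInstanceProfile: !Ref S3ReadInstanceProfile
      Tags:
        - Key: Name
          Value: !Ref InstanceName
Outputs:
  InstanceId:
    Value: !Ref MyInstance
```

Because the role and instance profile carry no explicit names here, CAPABILITY_IAM is sufficient; a template that sets custom IAM names would need CAPABILITY_NAMED_IAM instead.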

1. Log in to the AWS Management Console.

2. On Management Console click on “Cloud Formation” under the “Management and Governance” section.

3. Now you will land on Cloud Formation Console. In Cloud Formation Console click on the “Create Stack” button.

Now follow the steps below to create a stack for this exercise.

Step 1: Specify template

In this section choose the “Template is Ready” button and select “Upload a template file”. Now choose a file to upload from your personal computer where it is saved and upload. Now click on next.

Step 2: Specify stack details

Now specify the “Stack name”, e.g. “EC2S3AccessStack” for this exercise. Then provide the values for the parameters needed to create the EC2 stack. Here we are giving the parameter values below.

1. InstanceName: WebServer (value to be replaced)

2. MyInstanceType: t2.micro (choose from the dropdown)

3. MyKeyName: MumbaiKP (provide your KeyPair name)

4. MyAvailabilityZone: ap-south-1a (value to be replaced)

5. MySubnetId: subnet-xxxxxxxxxx (value to be replaced)

6. MySecurityGroups: sg-xxxxxxxxxx (value to be replaced)

Step 3: Configure stack options

On the “Configure stack options” page leave all settings default and click on next.

Step 4: Review Stack

In this step review all the settings that you have filled in and under the capabilities section click on the radio button to acknowledge that AWS CloudFormation might create IAM resources and then click create stack.

After some time the stack will be created, and you can view and access the resources created by the CloudFormation stack.


We can also create a stack using AWS CLI

AWS CLI for creating stack:

1.   To validate the cloud formation template

#aws cloudformation validate-template --template-body file://<path-to-file>/CFNEC2LaunchTeplatewithS3Access.yml

2.   To create stack

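#aws cloudformation create-stack --stack-name EC2S3AccessStack \
    --template-body file://<path-to-file>/CFNEC2LaunchTeplatewithS3Access.yml \
    --parameters ParameterKey=InstanceName,ParameterValue=S3AccessServer \
        ParameterKey=MyInstanceType,ParameterValue=t2.micro \
        ParameterKey=MyKeyName,ParameterValue=MumbaiKP \
        ParameterKey=MyAvailabilityZone,ParameterValue=ap-south-1a \
        ParameterKey=MySecurityGroups,ParameterValue=sg-xxxxxxxxxx \
        ParameterKey=MySubnetId,ParameterValue=subnet-xxxxxxxxxx \
    --capabilities CAPABILITY_IAM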

3.   To describe stack

#aws cloudformation describe-stacks --stack-name EC2S3AccessStack

4.   To view the stack events

#aws cloudformation describe-stack-events --stack-name EC2S3AccessStack

5.   To delete the stack

#aws cloudformation delete-stack --stack-name EC2S3AccessStack

This completes EC2 instance creation with S3 Read Access IAM role attached using a cloud formation template with various parameters.

