Exercise 2: CloudFormation Template for EC2 Instance with S3 Read Access IAM Role
In this exercise, we are going to create an EC2 instance using a CloudFormation template, written in YAML format, with an S3 read access IAM role attached. For this exercise, we need to keep a few things ready.
1. VPC (Default or Custom)
2. Public Subnets
3. Security Groups
4. KeyPair
We are going to create the EC2 instance in the Mumbai Region (ap-south-1), so we have used the image ID “ami-0732b62d310b80e97”. We have already created a KeyPair separately to access our instance, the security group is configured with port 22 inbound, and the Availability Zone we are using here is ap-south-1a.
To get the stack template, click on the link https://github.com/pranavdhopey and save it to the server, say under the /opt directory.
1. Log in to the AWS Management Console.
2. On the Management Console, click on “CloudFormation” under the “Management and Governance” section.
3. Now you will land on the CloudFormation console. In the CloudFormation console, click on the “Create Stack” button.
Now follow the steps below to create a stack for this exercise.
Step 1: Specify template
In this section, choose the “Template is Ready” button and select “Upload a template file”. Now choose the file to upload from your personal computer where it is saved, and upload it. Now click on Next.
Step 2: Specify stack details
Now specify the “Stack name”, e.g. “EC2S3AccessStack” for this exercise. Then provide the values for the parameters needed to create the EC2 stack. Here we are giving the parameter values below.
1. InstanceName: WebServer (value to be replaced)
2. MyInstanceType: t2.micro (choose from the dropdown)
3. MyKeyName: MumbaiKP (provide your KeyPair name)
4. MyAvailabilityZone: ap-south-1a (value to be replaced)
5. MySubnetId: subnet-xxxxxxxxxx (value to be replaced)
6. MySecurityGroups: sg-xxxxxxxxxx (value to be replaced)
Step 3: Configure stack options
On the “Configure stack options” page, leave all settings at their defaults and click on Next.
Step 4: Review Stack
In this step, review all the settings that you have filled in, and under the capabilities section click on the radio button to acknowledge that AWS CloudFormation might create IAM resources. Then click Create stack.
After some time the stack will be created, and you can view and access the resources created by the CloudFormation stack.
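The template itself is not reproduced on this page, so the following is an added example of what such a template can look like, not the author's file from GitHub. The parameter names and the AMI ID come from this page; MyBucketName, the resource names, the AllowedValues list and the choice to limit read access to a single bucket are assumptions.

```yaml
# Added example, not the author's template. MyBucketName is a hypothetical
# parameter; every other parameter name is taken from Step 2 above.
AWSTemplateFormatVersion: "2010-09-09"
Description: EC2 instance with an S3 read-only IAM role (illustrative)
Parameters:
  InstanceName: {Type: String, Default: WebServer}
  MyInstanceType: {Type: String, Default: t2.micro, AllowedValues: [t2.micro, t2.small]}
  MyKeyName: {Type: "AWS::EC2::KeyPair::KeyName"}
  MyAvailabilityZone: {Type: "AWS::EC2::AvailabilityZone::Name"}
  MySubnetId: {Type: "AWS::EC2::Subnet::Id"}
  MySecurityGroups: {Type: "List<AWS::EC2::SecurityGroup::Id>"}
  MyBucketName: {Type: String, Default: example-bucket-placeholder}
Resources:
  S3ReadRole:
    Type: AWS::IAM::Role          # no RoleName, so CAPABILITY_IAM is sufficient
    Properties:
      AssumeRolePolicyDocument:   # only the EC2 service may assume this role
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: {Service: ec2.amazonaws.com}
            Action: "sts:AssumeRole"
      Policies:
        - PolicyName: S3ReadOneBucket
          PolicyDocument:         # read-only, scoped to one bucket and its objects
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: ["s3:GetObject", "s3:ListBucket"]
                Resource:
                  - !Sub "arn:aws:s3:::${MyBucketName}"
                  - !Sub "arn:aws:s3:::${MyBucketName}/*"
  S3ReadInstanceProfile:          # the instance profile is what attaches the role
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles: [!Ref S3ReadRole]
  MyInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-0732b62d310b80e97   # Mumbai (ap-south-1) AMI used on this page
      InstanceType: !Ref MyInstanceType
      KeyName: !Ref MyKeyName
      AvailabilityZone: !Ref MyAvailabilityZone
      SubnetId: !Ref MySubnetId
      SecurityGroupIds: !Ref MySecurityGroups
      IamInstanceProfile: !Ref S3ReadInstanceProfile
      Tags:
        - Key: Name
          Value: !Ref InstanceName
```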
We can also create a stack using the AWS CLI.
AWS CLI for creating the stack:
1. To validate the CloudFormation template
#aws cloudformation validate-template --template-body file://<path-to-file>/CFNEC2LaunchTeplatewithS3Access.yml
2. To create stack
#aws cloudformation create-stack --stack-name EC2S3AccessStack \
--template-body file://<path-to-file>/CFNEC2LaunchTeplatewithS3Access.yml \
--parameters ParameterKey=InstanceName,ParameterValue=S3AccessServer \
ParameterKey=MyKeyName,ParameterValue=MumbaiKP \
ParameterKey=MyInstanceType,ParameterValue=t2.micro \
ParameterKey=MyAvailabilityZone,ParameterValue=ap-south-1a \
ParameterKey=MySecurityGroups,ParameterValue=sg-xxxxxxxxxx \
ParameterKey=MySubnetId,ParameterValue=subnet-xxxxxxxxxx \
--capabilities CAPABILITY_IAM
3. To describe stack
#aws cloudformation describe-stacks --stack-name EC2S3AccessStack
4. To view the stack events
#aws cloudformation describe-stack-events --stack-name EC2S3AccessStack
5. To delete the stack
#aws cloudformation delete-stack --stack-name EC2S3AccessStack
This completes EC2 instance creation with an S3 read access IAM role attached, using a CloudFormation template with various parameters.