I'm new to CloudFormation. I have manually created an EC2 instance (instance2), and another EC2 instance (instance1) using a CloudFormation sample YAML file.
I want to add the manually created instance2 using the "import existing resource" option,
but I'm getting the error below:
You have modified resources [MyInstance] in your template that are not being imported. Update, create or delete operations cannot be executed during import operations.
Below is the YAML file:
AWSTemplateFormatVersion: "2010-09-09"
Metadata:
  Generator: "former2"
Description: ""
Resources:
  EC2Instance:
    Type: "AWS::EC2::Instance"
    Properties:
      ImageId: "ami-0742b4e673072006f"
      InstanceType: "t2.micro"
      AvailabilityZone: !GetAtt EC2Instance2.AvailabilityZone
      Tenancy: "default"
      SubnetId: "subnet-09ec4c74f9226b0a5"
      EbsOptimized: false
      SecurityGroupIds:
        - "sg-0ba5c892cb4456045"
      SourceDestCheck: true
      BlockDeviceMappings:
        -
          DeviceName: "/dev/xvda"
          Ebs:
            Encrypted: false
            VolumeSize: 8
            SnapshotId: "snap-097c45e6d3c6e0d1b"
            VolumeType: "gp2"
            DeleteOnTermination: true
      HibernationOptions:
        Configured: false
      EnclaveOptions:
        Enabled: false
  EC2Instance2:
    Type: "AWS::EC2::Instance"
    DeletionPolicy: "Retain"
    Properties:
      ImageId: "ami-05fa00d4c63e32076"
      InstanceType: "t2.micro"
      KeyName: "ThisIsTestKeyPair"
      AvailabilityZone: !Sub "${AWS::Region}a"
      Tenancy: "default"
      SubnetId: "subnet-09ec4c74f9226b0a5"
      EbsOptimized: false
      SecurityGroupIds:
        - "sg-0847c55c903c6b01d"
      SourceDestCheck: true
      BlockDeviceMappings:
        -
          DeviceName: "/dev/xvda"
          Ebs:
            Encrypted: false
            VolumeSize: 8
            SnapshotId: "snap-0834d7afbcb68e0b7"
            VolumeType: "gp2"
            DeleteOnTermination: true
      Tags:
        -
          Key: "Name"
          Value: "EC-manual-for-CF-testing"
      HibernationOptions:
        Configured: false
      EnclaveOptions:
        Enabled: false
You can't create/update resources in CFN at the same time as you import other resources. You have to do it one by one:
1. Remove EC2Instance2 from your template and deploy EC2Instance.
2. Add EC2Instance and import the second instance.
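The rule in the answer above can be checked before submitting the import. This is an added example, not code from the thread: `import_precheck` and `ec2` are hypothetical helpers, the templates are trimmed dicts built from the question's values, and the assumed starting state is a stack holding the `MyInstance` resource named in the error. It also checks that each import target carries a `DeletionPolicy`, which CloudFormation requires for imported resources.

```python
# Added example: pre-check a template before a CloudFormation import.
# Templates are parsed dicts; sample resources are trimmed or constructed.

def import_precheck(deployed, proposed, to_import):
    """List the reasons an import of `to_import` (logical IDs) would be rejected."""
    old = deployed.get("Resources", {})
    new = proposed.get("Resources", {})
    problems = []
    for lid in sorted(set(old) | set(new) | set(to_import)):
        if lid in to_import:
            if lid in old:
                problems.append(f"{lid}: already managed by the stack")
            elif lid not in new:
                problems.append(f"{lid}: import target missing from template")
            elif "DeletionPolicy" not in new[lid]:
                problems.append(f"{lid}: import target needs a DeletionPolicy")
        elif lid not in old:
            problems.append(f"{lid}: would be created during import")
        elif lid not in new:
            problems.append(f"{lid}: would be deleted during import")
        elif old[lid] != new[lid]:
            problems.append(f"{lid}: would be modified during import")
    return problems

def ec2(image_id, **attrs):
    """Build a trimmed AWS::EC2::Instance resource (constructed helper)."""
    return {"Type": "AWS::EC2::Instance", **attrs,
            "Properties": {"ImageId": image_id, "InstanceType": "t2.micro"}}

# Assumed state: the stack currently holds the MyInstance resource from the error.
STACK_NOW = {"Resources": {"MyInstance": ec2("ami-0742b4e673072006f")}}
# The question's template: one new resource plus the import target.
QUESTION_TEMPLATE = {"Resources": {
    "EC2Instance": ec2("ami-0742b4e673072006f"),
    "EC2Instance2": ec2("ami-05fa00d4c63e32076", DeletionPolicy="Retain"),
}}
# After a normal stack update that deploys EC2Instance on its own.
STACK_AFTER_UPDATE = {"Resources": {"EC2Instance": ec2("ami-0742b4e673072006f")}}

if __name__ == "__main__":
    for label, stack in (("one step", STACK_NOW), ("two steps", STACK_AFTER_UPDATE)):
        print(label, import_precheck(stack, QUESTION_TEMPLATE, {"EC2Instance2"}))
```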
I have an AutoScale and a LaunchConfig that I created earlier. I want to replace the AMI ID with CloudFormation in the LaunchConfig. How can I do that?
I wonder if there is any sample template that will be a reference for me?
You can find a simple example here: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-as-launchconfig.html#aws-properties-as-launchconfig--examples
---
AWSTemplateFormatVersion: 2010-09-09
Parameters:
  LatestAmiId:
    Description: Region specific image from the Parameter Store
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
  InstanceType:
    Description: Amazon EC2 instance type for the instances
    Type: String
    AllowedValues:
      - t3.micro
      - t3.small
      - t3.medium
    Default: t3.micro
Resources:
  myLaunchConfig:
    Type: AWS::AutoScaling::LaunchConfiguration
    Properties:
      ImageId: !Ref LatestAmiId
      SecurityGroups:
        - Ref: "myEC2SecurityGroup"
      InstanceType:
        Ref: "InstanceType"
      BlockDeviceMappings:
        - DeviceName: /dev/sda1
          Ebs:
            VolumeSize: 30
            VolumeType: "gp3"
        - DeviceName: /dev/sdm
          Ebs:
            VolumeSize: 100
            DeleteOnTermination: "false"
I have an existing stack that created an auto-scale group that uses a Launch Configuration. I am now trying to switch this stack so the auto-scale group will use a Launch Template instead of Launch Configuration, but the update is giving this error:
Incompatible launch template: The network interface's device index
must be zero. (Service: AmazonAutoScaling; Status Code: 400; Error
Code: InvalidQueryParameter; Request ID:
97bdf4cf-5c90-4035-v234-806367461438; Proxy: null)'
The launch configuration defined in the current CloudFormation template sets AssociatePublicIpAddress: true and the instance created by this template has a public IP. The launch template in the CloudFormation template I am trying to use for the update specifies AssociatePublicIpAddress: true under NetworkInterfaces.
What does this error mean and how do I fix it?
Relevant parts of template:
LaunchTemplate:
  Type: AWS::EC2::LaunchTemplate
  Properties:
    LaunchTemplateName: my-launch-template
    LaunchTemplateData:
      EbsOptimized: false
      IamInstanceProfile:
        Arn: !GetAtt MyInstanceProfile.Arn
      ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", AMI]
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - AssociatePublicIpAddress: true
If you want to explicitly set NetworkInterfaces, then it should be:
LaunchTemplate:
  Type: AWS::EC2::LaunchTemplate
  Properties:
    LaunchTemplateName: my-launch-template
    LaunchTemplateData:
      EbsOptimized: false
      IamInstanceProfile:
        Arn: !GetAtt MyInstanceProfile.Arn
      ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", AMI]
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyName
      NetworkInterfaces:
        - DeviceIndex: 0
          AssociatePublicIpAddress: true
          Groups: [<security-group-id>]
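The difference between the question's launch template and the corrected one can be caught with a small lint over the parsed LaunchTemplateData. This is an added example, not code from the thread: `lint_network_interfaces` is a hypothetical helper and the sample dicts are trimmed from the two templates above, with a constructed placeholder group ID. It goes slightly beyond the error in the question by also flagging an interface without Groups (the instance then gets the VPC's default security group) and security groups set at both the instance and the interface level (EC2 rejects that combination).

```python
# Added example: lint LaunchTemplateData.NetworkInterfaces before a stack update.
# Input is the parsed LaunchTemplateData mapping; sample data is constructed.

def lint_network_interfaces(data):
    """Return findings for the NetworkInterfaces section of LaunchTemplateData."""
    findings = []
    nics = data.get("NetworkInterfaces") or []
    if not nics:
        return findings  # nothing set explicitly, nothing to check here

    # Security groups may be given per interface or per instance, not both.
    if data.get("SecurityGroupIds") or data.get("SecurityGroups"):
        findings.append("security groups set at both instance and interface level")

    for i, nic in enumerate(nics):
        if not nic.get("Groups"):
            findings.append(
                f"NetworkInterfaces[{i}]: no Groups, default VPC security group applies")

    # The error on this page: the interface must declare device index zero.
    primary = [n for n in nics if str(n.get("DeviceIndex")) == "0"]
    if len(primary) != 1:
        findings.append(
            f"expected exactly one interface with DeviceIndex 0, found {len(primary)}")
    return findings

# Trimmed from the question's template.
QUESTION_DATA = {
    "EbsOptimized": False,
    "NetworkInterfaces": [{"AssociatePublicIpAddress": True}],
}
# Trimmed from the answer's template; the group ID is a placeholder.
ANSWER_DATA = {
    "EbsOptimized": False,
    "NetworkInterfaces": [{
        "DeviceIndex": 0,
        "AssociatePublicIpAddress": True,
        "Groups": ["sg-EXAMPLE-PLACEHOLDER"],
    }],
}

if __name__ == "__main__":
    for name, data in (("question", QUESTION_DATA), ("answer", ANSWER_DATA)):
        print(name, lint_network_interfaces(data))
```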
I'm trying to create a config launcher for my AutoScaling group. I try to deploy it on a fresh Amazon account and I'm facing an authorization error. No matter whether I'm connected with the root account or an admin account, I always get the same error.
ConfigLauncher - CREATE_FAILED : You are not authorized to perform this operation.
(Service: AmazonAutoScaling; Status Code: 400; Error Code: ValidationError;
My config is:
ApiScale:
  Type: "AWS::AutoScaling::AutoScalingGroup"
  Properties:
    LoadBalancerNames:
      - !Ref ELB
    MinSize:
      Ref: AutoScalingMinSizeParameter
    MaxSize:
      Ref: AutoScalingMaxSizeParameter
    AvailabilityZones:
      Fn::GetAZs:
        Ref: "AWS::Region"
    LaunchConfigurationName:
      Ref: ConfigLauncher
    HealthCheckGracePeriod: 60
    HealthCheckType: ELB
ConfigLauncher:
  Type: "AWS::AutoScaling::LaunchConfiguration"
  Properties:
    IamInstanceProfile: "arn:aws:iam::1111111111111:instance-profile/ec2InstancesRole"
    ImageId:
      Ref: LinuxAmiImageIdParameter
    InstanceType:
      Ref: EC2InstanceTypeParameter
    KeyName:
      Ref: SshKeyNameParameter
    UserData: xxxxx
Any idea is welcome :)
How can I launch an Amazon EC2 instance in a particular subnet of a VPC using a YAML template in CloudFormation?
If anyone comes across this in the future, I was able to solve this by specifying the following: AvailabilityZone, SecurityGroupIds (not SecurityGroups), and SubnetId.
Resources:
  EC2Instance:
    Properties:
      AvailabilityZone: us-east-1b
      ImageId: ami-Id
      InstanceType:
        Ref: InstanceType
      KeyName:
        Ref: KeyName
      Tags:
        -
          Key: "Name"
          Value:
            Ref: InstanceName
      SecurityGroupIds:
        - sg-idHere
      SubnetId: subnet-idHere
    Type: "AWS::EC2::Instance"
Make sure that the security group is available to the VPC you are trying to use. The SubnetId should represent the VPC.
Hierarchy:
VPC->SubnetID->SecurityGroupId
Here is the CF template to create an EC2 instance in the Singapore region. I have just used this template. If you are running in another region, please change the ImageId to match your region.
---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'VPC with private subnets in two availability zones'
Parameters:
  PrivateSubnet:
    Description: Private Subnet to Attach NAT Gateway.
    Type: AWS::EC2::Subnet::Id
  InstanceType:
    Description: EC2 instance type
    Type: String
    Default: t2.micro
    AllowedValues: [t2.micro, t2.small, t2.medium, t2.large, m3.medium, m3.large,
      m3.xlarge, m3.2xlarge, m4.large, m4.xlarge, m4.2xlarge, m4.4xlarge, m4.10xlarge,
      c4.large, c4.xlarge, c4.2xlarge, c4.4xlarge, c4.8xlarge, c3.large, c3.xlarge,
      c3.2xlarge, c3.4xlarge, c3.8xlarge, r3.large, r3.xlarge, r3.2xlarge, r3.4xlarge,
      r3.8xlarge, i2.xlarge, i2.2xlarge, i2.4xlarge, i2.8xlarge]
    ConstraintDescription: Please choose a valid instance type.
  SSHKeyName:
    Description: EC2 instance type
    Type: String
    ConstraintDescription: Please choose a valid KeyName
  VolumeSize:
    Description: size of volume
    Type: Number
    Default: 20
    ConstraintDescription: Please choose a valid Number
    AllowedValues: [20, 30, 40, 50]
  IOPS:
    Description: total ipos
    Type: Number
    Default: 100
    ConstraintDescription: Please choose a valid Number
    AllowedValues: [100, 200, 500, 1000]
  ImageId:
    Type: String
    Description: 'value for region singapore. If you using other version please choose right'
    Default: 'ami-33e4bc49'
Resources:
  EC2Example:
    Type: "AWS::EC2::Instance"
    Properties:
      SubnetId: !Ref PrivateSubnet
      ImageId: !Ref ImageId
      InstanceType: !Ref InstanceType
      KeyName: !Ref SSHKeyName
      BlockDeviceMappings:
        -
          DeviceName: /dev/sda1
          Ebs:
            VolumeType: io1
            Iops: !Ref IOPS
            DeleteOnTermination: false
            VolumeSize: !Ref VolumeSize
Outputs:
  EC2Example:
    Description: 'Ec2 instance EC2Example'
    Value: !Ref EC2Example
    Export:
      Name: !Sub '${AWS::StackName}-EC2Example'
The CloudFormation template includes a SubnetId parameter:
Type: "AWS::EC2::Instance"
Properties:
  SubnetId: String
Simply insert the ID of the existing subnet (e.g. subnet-1234abcd).