본문 바로가기
AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps/AWS

2025-01-06_CloudFormation에서 보안그룹과 네트워크 ACL 실습2

dltjgus00 2025. 1. 6. 17:28

더보기
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances. Linked to AWS Parameter
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: VPC


  PublicSN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.0.0/24
      AvailabilityZone: ap-northeast-2a
      Tags:
        - Key: Name
          Value: Private-SN

  PrivateSN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      Tags:
        - Key: Name
          Value: Private-SN


  PublicRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Public-RT
         
  PrivateRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Private-RT

  IGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: IGW

  IGWAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref IGW
      VpcId: !Ref VPC

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PublicRT
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref IGW

  PublicSNRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRT
      SubnetId: !Ref PublicSN

  PrivateSNRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRT
      SubnetId: !Ref PrivateSN

  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable HTTP 80 and SSH 22
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: icmp
          FromPort: -1
          ToPort: -1
          CidrIp: 0.0.0.0/0

  PublicEC2:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-048c8b90bfe9b49b8
      KeyName: !Ref KeyName
      Tags:
        - Key: Name
          Value: Public-EC2
      NetworkInterfaces:
        - DeviceIndex: 0
          SubnetId: !Ref PublicSN
          GroupSet:
            - !Ref SecurityGroup
          AssociatePublicIpAddress: true

  PrivateEC2:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-048c8b90bfe9b49b8
      KeyName: !Ref KeyName
      Tags:
        - Key: Name
          Value: Private-EC2
      NetworkInterfaces:
        - DeviceIndex: 0
          SubnetId: !Ref PrivateSN
          GroupSet:
            - !Ref SecurityGroup
          AssociatePublicIpAddress: false

 

'AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps > AWS' 카테고리의 다른 글

2025-01-14_도메인  (0) 2025.01.14
2025-01-06_CloudFormation에서 보안그룹과 네트워크 ACL 실습3  (0) 2025.01.06
2025-01-06_CloudFormation에서 보안그룹과 네트워크 ACL 실습  (0) 2025.01.06
2025-01-06_콘솔에서 본안그룹과 네트워크 ACL 실습  (0) 2025.01.06
2025-12-03_스택에서 인스턴스 생성  (0) 2025.01.03

'AWS와 Azure 기반 하이브리드 멀티클라우드 DevOps/AWS' Related Articles

티스토리툴바