As a stack
```yaml
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances. Linked to AWS Parameter
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

Resources:
  CloudNetVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: CloudNeta-VPC

  CloudNetIGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: CloudNeta-IGW

  CloudNetaIGWAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref CloudNetIGW
      VpcId: !Ref CloudNetVPC

  CloudNetaPublicRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref CloudNetVPC
      Tags:
        - Key: Name
          Value: CloudNeta-Public-RT

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: CloudNetaIGWAttachment
    Properties:
      RouteTableId: !Ref CloudNetaPublicRT
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref CloudNetIGW

  CloudNetaPrivateSN:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref CloudNetVPC # reference the VPC created above
      CidrBlock: 10.0.1.0/24 # CIDR block of the subnet
      AvailabilityZone: ap-northeast-2c # fixed Availability Zone
      Tags:
        - Key: Name
          Value: CloudNeta-Private-SN # Name tag of the subnet

  CloudNetaPrivateRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref CloudNetVPC # reference the VPC created above
      Tags:
        - Key: Name
          Value: CloudNeta-Private-RT # Name tag of the route table

  CloudNetaPublicSNRouteTableAssociation2:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref CloudNetaPrivateSN # reference the private subnet
      RouteTableId: !Ref CloudNetaPrivateRT # reference the private route table

  CloudNetaPrivateEC2:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro # instance type (change as needed)
      ImageId: ami-048c8b90bfe9b49b8 # AMI ID to use (replace with the image ID you want)
      KeyName: !Ref KeyName # key pair name used for SSH access to the instance
      Tags:
        - Key: Name
          Value: CloudNeta-Private-EC2 # Name tag of the instance
      NetworkInterfaces:
        - DeviceIndex: 0
          SubnetId: !Ref CloudNetaPrivateSN # place the instance in the private subnet
          AssociatePublicIpAddress: false # no public IP (used only inside the private subnet)
          GroupSet: # with NetworkInterfaces, security groups go in GroupSet on the interface
            - !Ref CloudNetaSecurityGroup # security group applied to the instance

  CloudNetaPublicSN1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref CloudNetVPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: 10.0.0.0/24
      Tags:
        - Key: Name
          Value: CloudNeta-Public-SN-1

  CloudNetaPublicSNRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref CloudNetaPublicRT
      SubnetId: !Ref CloudNetaPublicSN1

  NATGatWay:
    Type: AWS::EC2::NatGateway
    Properties:
      AllocationId: !GetAtt EIP.AllocationId
      SubnetId: !Ref CloudNetaPublicSN1
      Tags:
        - Key: Name
          Value: NAT-Gateway

  EIP:
    Type: AWS::EC2::EIP
    Properties:
      Domain: vpc

  NATRoute:
    Type: AWS::EC2::Route
    DependsOn: NATGatWay
    Properties:
      RouteTableId: !Ref CloudNetaPrivateRT
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NATGatWay

  CloudNetaSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable HTTP access via port 80 and SSH access via port 22
      VpcId: !Ref CloudNetVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: icmp
          FromPort: -1
          ToPort: -1
          CidrIp: 0.0.0.0/0

  CloudNetaPublicEC2:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      ImageId: ami-048c8b90bfe9b49b8
      KeyName: !Ref KeyName
      Tags:
        - Key: Name
          Value: CloudNeta-Public-EC2
      NetworkInterfaces:
        - DeviceIndex: 0
          SubnetId: !Ref CloudNetaPublicSN1
          GroupSet:
            - !Ref CloudNetaSecurityGroup
          AssociatePublicIpAddress: false # no public IP is assigned, so the instance is not reachable through the IGW
      UserData:
        Fn::Base64:
          !Sub |
            #!/bin/bash
            amazon-linux-extras install epel -y
            yum install httpd -y
            systemctl enable --now httpd
            echo "<h1> ho </h1>" > /var/www/html/
```