-
Notifications
You must be signed in to change notification settings - Fork 4.3k
/
VPC_EC2_Instance_With_Multiple_Static_IPAddresses.yaml
157 lines (137 loc) · 4.43 KB
/
VPC_EC2_Instance_With_Multiple_Static_IPAddresses.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
AWSTemplateFormatVersion: "2010-09-09"
Description: |
Sample template showing how to create an instance with a single network
interface and multiple static IP addresses in an existing VPC. It assumes you
have already created a VPC. **WARNING** This template creates an Amazon EC2
instance. You will be billed for the AWS resources used if you create a stack
from this template.
Metadata:
License: Apache-2.0
Parameters:
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: AWS::EC2::KeyPair::KeyName
ConstraintDescription: must be the name of an existing EC2 KeyPair.
InstanceType:
Description: WebServer EC2 instance type
Type: String
Default: t3.micro
ConstraintDescription: must be a valid EC2 instance type.
VpcId:
Description: VpcId of your existing Virtual Private Cloud (VPC)
Type: AWS::EC2::VPC::Id
ConstraintDescription: must be the VPC Id of an existing Virtual Private Cloud.
SubnetId:
Description: SubnetId of an existing subnet (for the primary network) in your Virtual Private Cloud (VPC)
Type: AWS::EC2::Subnet::Id
ConstraintDescription: must be an existing subnet in the selected Virtual Private Cloud.
PrimaryIPAddress:
Description: Primary private IP. This must be a valid IP address for Subnet
Type: String
AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})
ConstraintDescription: must be a valid IP address of the form x.x.x.x.
SecondaryIPAddress:
Description: Secondary private IP. This ust be a valid IP address for Subnet
Type: String
AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})
ConstraintDescription: must be a valid IP address of the form x.x.x.x.
SSHLocation:
Description: The IP address range that can be used to SSH to the EC2 instances
Type: String
Default: 0.0.0.0/0
MinLength: "9"
MaxLength: "18"
AllowedPattern: (\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
LatestAMI:
Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
Resources:
# Elastic IP
EIP1:
Type: AWS::EC2::EIP
Properties:
Domain: vpc
# Elastic IP Association
EIPAssoc1:
Type: AWS::EC2::EIPAssociation
Properties:
NetworkInterfaceId: !Ref Eth0
AllocationId: !GetAtt EIP1.AllocationId
# Security group to limit access to port 22
SSHSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref VpcId
GroupDescription: Enable SSH access via port 22
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: "22"
ToPort: "22"
CidrIp: !Ref SSHLocation
# An instance that uses the latest ami id
EC2Instance:
Type: AWS::EC2::Instance
Metadata:
guard:
SuppressedRules:
- EC2_INSTANCES_IN_VPC
Properties:
ImageId: !Ref LatestAMI
InstanceType: !Ref InstanceType
KeyName: !Ref KeyName
NetworkInterfaces:
- NetworkInterfaceId: !Ref Eth0
DeviceIndex: "0"
Tags:
- Key: Name
Value: myInstance
# A network interface
Eth0:
Type: AWS::EC2::NetworkInterface
Properties:
Description: eth0
GroupSet:
- !Ref SSHSecurityGroup
PrivateIpAddresses:
- PrivateIpAddress: !Ref PrimaryIPAddress
Primary: "true"
- PrivateIpAddress: !Ref SecondaryIPAddress
Primary: "false"
SourceDestCheck: "true"
SubnetId: !Ref SubnetId
Tags:
- Key: Name
Value: Interface 0
- Key: Interface
Value: eth0
Outputs:
InstanceId:
Description: Instance Id of newly created instance
Value: !Ref EC2Instance
EIP1:
Description: Primary public IP of Eth0
Value: !Join
- ' '
- - IP address
- !Ref EIP1
- on subnet
- !Ref SubnetId
PrimaryPrivateIPAddress:
Description: Primary private IP address of Eth0
Value: !Join
- ' '
- - IP address
- !GetAtt Eth0.PrimaryPrivateIpAddress
- on subnet
- !Ref SubnetId
SecondaryPrivateIPAddresses:
Description: Secondary private IP address of Eth0
Value: !Join
- ' '
- - IP address
- !Select
- 0
- !GetAtt Eth0.SecondaryPrivateIpAddresses
- on subnet
- !Ref SubnetId