Saturday, 4 January 2020

AWS CloudFormation LAB Part 3






In the previous posts, we succeeded in getting the Linux web server running via a template in CloudFormation. Now we want to add support for SSH access from the internet to the Linux instance. Luckily, AWS has designed their product around the ability to update just what's changed, rather than having to tear it down and rebuild it all again with the updated configuration.

To do this, go to the Update option in the CloudFormation stack page.


From here we want to select Edit template in designer, and then View in Designer, so we can access the existing template that is currently active.


This will take us back into the designer. Click on the PublicSecurity resource, and make sure you have YAML mode on and that you are in the Components tab for the SecurityGroup resource.

Add the following additional text to the SecurityGroupIngress:
        # --- This opens the SSH port on the SecurityGroup from any source inbound
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0



Once added, click on the cloud-with-arrow icon at the top left to publish this update.


Choose Next at each of the following screens to keep all the other existing settings the same; this will take you back to the Stack building page. As you can see from the progress, only the SecurityGroup is updated, and the rest of the design is left as is (so it's fast).
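
The rule added above admits SSH from every address on the internet. As an added example (not part of the original lab template), the same rule can take its source range from a stack parameter instead; the parameter name SSHLocation and the GroupDescription text are assumptions, and the lab resource's other properties and existing ingress rules are left out here.

```yaml
# Added example, not the lab's own template.
# SSHLocation is a hypothetical parameter name chosen for this example.
Parameters:
  SSHLocation:
    Type: String
    Description: CIDR range allowed to reach port 22 (x.x.x.x/32 for one address)
    MinLength: 9
    MaxLength: 18
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: Must be a valid CIDR range of the form x.x.x.x/x

Resources:
  PublicSecurity:
    Type: AWS::EC2::SecurityGroup
    Properties:
      # Constructed description; keep the lab template's own VpcId and other
      # properties on this resource as they are.
      GroupDescription: Web server security group
      SecurityGroupIngress:
        # Existing ingress rules from the lab template stay here unchanged.
        #
        # Form used in this lab: any source may connect to SSH.
        # - IpProtocol: tcp
        #   FromPort: '22'
        #   ToPort: '22'
        #   CidrIp: 0.0.0.0/0
        #
        # Restricted form: only the range supplied in SSHLocation.
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: !Ref SSHLocation
```

Because SSHLocation has no default, the update wizard asks for a value on its parameters screen rather than passing straight through with Next.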

Now you will be able to SSH to your web server! Note that you will need to log in using the .pem file that you created when you set up the keypair for this LAB. A basic guide from AWS can be found HERE.

The updated LAB YAML template can be downloaded from HERE

So that's it - you are now well on your way with CloudFormation! I hope you enjoyed the posts, and take them as just the start to continue your AWS development and usage.

The AWS CloudFormation guide can be accessed HERE, and has some really good details on design, usage, and sample snippets that you can add to your own templates.
