我对 CloudFormation 模板还很陌生。我已经创建了一个具有 2 个公共(public)子网和 4 个私有(private)子网的 VPC。现在,我想在 2 个私有(private)子网中创建一个 EC2 实例,然后使用在公共(public)子网上创建的 ELB 对其进行负载均衡。下面是相同的 CFT 模板。
Parameters:
SecurityGroupDescription:
Description: Security Group Description
Type: String
KeyName:
Description: Key Pair for EC2
Type: 'AWS::EC2::KeyPair::KeyName'
VPC:
Description: Select VPC.
Type: AWS::EC2::VPC::Id
Subnet1:
Description: Private Subnet to Deploy Docker MFA.
Type: AWS::EC2::Subnet::Id
Subnet2:
Description: Private Subnet to Deploy Docker MFA.
Type: AWS::EC2::Subnet::Id
Mappings:
RegionMap:
us-west-2:
AMI: ami-0c54e4ec017b92f04
Resources:
EC2InstanceMule1:
Type: AWS::EC2::Instance
Properties:
InstanceType: t2.micro
ImageId:
Fn::FindInMap:
- RegionMap
- Ref: AWS::Region
- AMI
SubnetId:
Ref: Subnet1
SecurityGroups:
- !GetAtt EC2SecurityGroup.GroupId
KeyName: !Ref KeyName
EC2InstanceMule2:
Type: AWS::EC2::Instance
Properties:
InstanceType: t2.micro
ImageId:
Fn::FindInMap:
- RegionMap
- Ref: AWS::Region
- AMI
SubnetId:
Ref: Subnet2
SecurityGroups:
- !GetAtt EC2SecurityGroup.GroupId
KeyName: !Ref KeyName
# security group
ELBSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: ELB Security Group
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
EC2SecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: !Ref SecurityGroupDescription
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
SourceSecurityGroupId:
Fn::GetAtt:
- ELBSecurityGroup
- GroupId
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
# Load Balancer for EC2
LoadBalancerforEC2:
Type: AWS::ElasticLoadBalancing::LoadBalancer
Properties:
Instances:
- !Ref EC2InstanceMule1
- !Ref EC2InstanceMule2
Listeners:
- LoadBalancerPort: '80'
InstancePort: '80'
Protocol: HTTP
HealthCheck:
Target: HTTP:80/
HealthyThreshold: '3'
UnhealthyThreshold: '5'
Interval: '30'
Timeout: '5'
SecurityGroups:
- !GetAtt ELBSecurityGroup.GroupId
我收到以下错误:
参数 groupName 不能与参数子网一起使用(服务:AmazonEC2;状态代码:400;错误代码:InvalidParameterCombination
我已经完成了上一个相同错误的问题,并使用了正在创建的安全组 ID。错误仍然存在。此外,如果需要任何其他修改,我们将不胜感激。
最佳答案
您应该使用SecurityGroupIds ,而不是SecurityGroups。
关于amazon-web-services - 参数groupName 不能与参数subnet 一起使用。创建负载平衡的 EC2 实例,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69990732/