---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'AWS CloudFormation Sample Template EC2InstanceWithSecurityGroupSample:
  Create an Amazon EC2 instance running the Amazon Linux AMI. The AMI is chosen based
  on the region in which the stack is run. This example creates an EC2 security group
  for the instance to give you SSH access. **WARNING** This template creates an Amazon
  EC2 instance. You will be billed for the AWS resources used if you create a stack
  from this template.'
Parameters:
  KeyName:
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
  InstanceType:
    Description: WebServer EC2 instance type
    Type: String
    Default: t2.micro
    AllowedValues:
      - t1.micro
      - t2.nano
      - t2.micro
      - t2.small
      - t2.medium
      - t2.large
    ConstraintDescription: must be a valid EC2 instance type.
  SSHLocation:
    Description: The IP address range that can be used to SSH to the EC2 instances
    Type: String
    MinLength: '9'
    MaxLength: '18'
    # 0.0.0.0/0 permits SSH from any IPv4 address; pass a narrower CIDR
    # (for example an admin network or a single /32) at stack creation.
    Default: 0.0.0.0/0
    AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Mappings:
  # Instance type -> virtualization architecture
  AWSInstanceType2Arch:
    t1.micro:
      Arch: PV64
    t2.nano:
      Arch: HVM64
    t2.micro:
      Arch: HVM64
    t2.small:
      Arch: HVM64
    t2.medium:
      Arch: HVM64
    t2.large:
      Arch: HVM64
  AWSInstanceType2NATArch:
    t1.micro:
      Arch: NATPV64
    t2.nano:
      Arch: NATHVM64
    t2.micro:
      Arch: NATHVM64
    t2.small:
      Arch: NATHVM64
    t2.medium:
      Arch: NATHVM64
    t2.large:
      Arch: NATHVM64
  # Region + architecture -> AMI ID
  AWSRegionArch2AMI:
    us-east-1:
      PV64: ami-2a69aa47
      HVM64: ami-6869aa05
      HVMG2: ami-22b68b59
    us-west-2:
      PV64: ami-7f77b31f
      HVM64: ami-7172b611
      HVMG2: ami-be4ea3c6
    us-west-1:
      PV64: ami-a2490dc2
      HVM64: ami-31490d51
      HVMG2: ami-cfe5cfaf
    eu-west-1:
      PV64: ami-4cdd453f
      HVM64: ami-f9dd458a
      HVMG2: ami-aedb26d7
    eu-west-2:
      PV64: NOT_SUPPORTED
      HVM64: ami-886369ec
      HVMG2: NOT_SUPPORTED
    eu-central-1:
      PV64: ami-6527cf0a
      HVM64: ami-ea26ce85
      HVMG2: ami-40b8102f
    ap-northeast-1:
      PV64: ami-3e42b65f
      HVM64: ami-374db956
      HVMG2: ami-d95aabbf
    ap-northeast-2:
      PV64: NOT_SUPPORTED
      HVM64: ami-2b408b45
      HVMG2: NOT_SUPPORTED
    ap-southeast-1:
      PV64: ami-df9e4cbc
      HVM64: ami-a59b49c6
      HVMG2: ami-15660276
    ap-southeast-2:
      PV64: ami-63351d00
      HVM64: ami-dc361ebf
      HVMG2: ami-0b5a4168
    ap-south-1:
      PV64: NOT_SUPPORTED
      HVM64: ami-ffbdd790
      HVMG2: ami-f4cdb79b
    us-east-2:
      PV64: NOT_SUPPORTED
      HVM64: ami-f6035893
      HVMG2: NOT_SUPPORTED
    ca-central-1:
      PV64: NOT_SUPPORTED
      HVM64: ami-730ebd17
      HVMG2: NOT_SUPPORTED
    sa-east-1:
      PV64: ami-1ad34676
      HVM64: ami-6dd04501
      HVMG2: NOT_SUPPORTED
    cn-north-1:
      PV64: ami-77559f1a
      HVM64: ami-8e6aa0e3
      HVMG2: NOT_SUPPORTED
Resources:
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType:
        Ref: InstanceType
      SecurityGroups:
        - Ref: InstanceSecurityGroup
      KeyName:
        Ref: KeyName
      # Resolve the AMI from the stack's region and the instance type's architecture
      ImageId:
        Fn::FindInMap:
          - AWSRegionArch2AMI
          - Ref: AWS::Region
          - Fn::FindInMap:
              - AWSInstanceType2Arch
              - Ref: InstanceType
              - Arch
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable SSH access via port 22
      # Single ingress rule: TCP/22 from the SSHLocation CIDR
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp:
            Ref: SSHLocation
  # Custom resource invoked through the ARN that another stack exports as
  # PartitionPhaseAFunctionArn; DependsOn makes it run after the instance is created.
  SetSecurityPartition:
    Type: Custom::SetSecurityPartition
    DependsOn: EC2Instance
    Properties:
      ServiceToken: !ImportValue PartitionPhaseAFunctionArn
Outputs:
  InstanceId:
    Description: InstanceId of the newly created EC2 instance
    Value:
      Ref: EC2Instance
  AZ:
    Description: Availability Zone of the newly created EC2 instance
    Value:
      Fn::GetAtt:
        - EC2Instance
        - AvailabilityZone
  PublicDNS:
    Description: Public DNSName of the newly created EC2 instance
    Value:
      Fn::GetAtt:
        - EC2Instance
        - PublicDnsName
  PublicIP:
    Description: Public IP address of the newly created EC2 instance
    Value:
      Fn::GetAtt:
        - EC2Instance
        - PublicIp