Public & Private AWS EC2 Instances with nested AWS Cloudformation Template

Zamin Hassnain
3 min read · Jun 22, 2020

Here we will look at creating a CloudFormation template that deploys one public and one private EC2 instance using the AWS Console. We will discuss the nesting of templates, but the VPC and EC2 templates can also be used on their own, without nesting. Use of the base templates is not mandatory.

What is AWS CloudFormation?

AWS CloudFormation is an AWS service that creates and deploys multiple AWS resources from a designer or a template, which saves a lot of time compared to creating or managing each resource one by one.

Prerequisites

You must have basic knowledge of AWS EC2, AWS CloudFormation & AWS VPC to follow the steps in this article.

VPC Template

Before creating the EC2 instances we need one VPC and two subnets, one for the public and one for the private EC2 instance. We will be writing YAML templates.

The public subnet will give its instances a public IP for inbound & outbound traffic, whereas the private subnet will not assign any public IP.

We will create a VPC template containing a VPC resource, a public subnet, a private subnet, an Internet gateway, a VPC gateway attachment, a route table, a gateway-to-Internet route, a subnet route table association, an EIP and a NAT gateway. One important thing to note is that for the public subnet we keep the “MapPublicIpOnLaunch” attribute set to true, which indicates that instances launched in this public subnet receive a public IPv4 address.

When we add our VPC template in the designer we get the following resources. We can create the stack from the VPC template directly if we are not using nesting.

VPC template resources in the CloudFormation designer

EC2 Template

After creating the VPC stack we will create the template for the EC2 instances. The EC2 template has two EC2 resources, one for the public instance and one for the private instance. It also has a security group that is referenced by each instance.

Each instance has a “NetworkInterfaces” attribute that refers to the security group and to the public or private subnet created in the VPC stack earlier.

Following is the image of the EC2 instance design in the CloudFormation designer. We can create the stack from the EC2 template directly if we are not using nesting.

EC2 template resources in the CloudFormation designer
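As an added example (not the article's own template or code from its repository), here is what the EC2 template described above can look like in YAML. It shows the two instances with their NetworkInterfaces attribute: the public instance gets a public IP and accepts SSH only from an admin range, while the private instance gets no public IP and accepts SSH only from the public instance's security group, so it is reachable only through the public host. The VpcId, PublicSubnetId and PrivateSubnetId parameters and the AdminCidr default are assumptions; they would be passed in from the VPC stack's outputs, or entered by hand when the template is used without nesting.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  VpcId:                 # assumed: output of the VPC stack
    Type: AWS::EC2::VPC::Id
  PublicSubnetId:        # assumed: subnet with MapPublicIpOnLaunch true
    Type: AWS::EC2::Subnet::Id
  PrivateSubnetId:       # assumed: subnet routed through the NAT gateway
    Type: AWS::EC2::Subnet::Id
  AdminCidr:             # constructed default, replace with your own range
    Type: String
    Default: 203.0.113.0/24
  LatestAmiId:           # public SSM parameter resolving to the current Amazon Linux 2 AMI
    Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
    Default: /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
Resources:
  PublicSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SSH from the admin range only
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - {IpProtocol: tcp, FromPort: 22, ToPort: 22, CidrIp: !Ref AdminCidr}
  PrivateSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SSH only from the public instance's security group
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - {IpProtocol: tcp, FromPort: 22, ToPort: 22, SourceSecurityGroupId: !Ref PublicSecurityGroup}
  PublicInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LatestAmiId
      InstanceType: t3.micro
      NetworkInterfaces:
        - DeviceIndex: "0"
          AssociatePublicIpAddress: true    # reachable from the Internet
          SubnetId: !Ref PublicSubnetId
          GroupSet: [!Ref PublicSecurityGroup]
  PrivateInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LatestAmiId
      InstanceType: t3.micro
      NetworkInterfaces:
        - DeviceIndex: "0"
          AssociatePublicIpAddress: false   # outbound only, via the NAT gateway
          SubnetId: !Ref PrivateSubnetId
          GroupSet: [!Ref PrivateSecurityGroup]
```

When nested, the base template supplies the three IDs to this stack's Parameters from the VPC stack's Outputs; with NetworkInterfaces in use, SubnetId and security groups must not also be set at the instance level.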

Upload Templates on S3

If we are using nested templates, we upload the EC2 and VPC templates to S3 and refer to their S3 paths from their respective base templates.

Nested Base Template

We will use template nesting in the base templates of the VPC and the EC2 instances: the EC2 base template refers to the EC2 public & private instances template, and the VPC resources template is nested in the VPC base template, in both cases using an AWS::CloudFormation::Stack resource.

We will create stack for the base template of VPC resources first.

VPC base template resources with nested template

After that we will create stack for base template of EC2 instances.

EC2 base template resources with nested template

GitHub link for templates

All the required templates for VPC and EC2 are shared in the following GitHub repository.

About the Author

Zamin Hassnain is a Senior Software Engineer with working experience at notable software companies. He has also worked as a technical trainer. He has worked on multiple projects with technology stacks related to AWS services, DevOps, Big Data, ETL, DWH, Python, C# & SQL.
