개별 파라미터에 대해 여러 값을 사용하여 CloudFormation 템플릿에서 AWS CloudFormation 스택을 생성해야 합니다.
CloudFormation에는 사용자 계정에서 리소스 ID 값을 지정하기 위해 AWS 특정 파라미터 유형과 함께 사용할 수 있는 CommaDelimitedList 파라미터 유형이 있습니다. 올바르지 않은 값을 피하려면 CloudFormation 콘솔에서 AWS 특정 파라미터 유형을 사용합니다.
AWS Command Line Interface(AWS CLI) CloudFormation 명령 create-stack을 사용하는 경우 AWS 특정 목록 파라미터 유형에 대한 파라미터 값을 쉼표로 분리된 문자열로 전달해야 합니다.
CloudFormation 템플릿 생성에 대한 자세한 내용은 AWS CloudFormation 시작하기를 참조하십시오.
CloudFormation 템플릿에 목록 파라미터 유형을 추가합니다. 이 샘플 CloudFormation 템플릿에서는 키 SubnetIds를 포함하는 파라미터가 여러 개별 서브넷 ID 값을 허용할 수 있는 목록 파라미터 유형을 지정합니다.
JSON
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Parameters" : {
"VpcId" : {
"Type" : "AWS::EC2::VPC::Id",
"Description" : "VpcId of your existing Virtual Private Cloud (VPC)",
"ConstraintDescription" : "must be the VPC Id of an existing Virtual Private Cloud."
},
"Subnets" : {
"Type" : "List<AWS::EC2::Subnet::Id>",
"Description" : "The list of SubnetIds in your Virtual Private Cloud (VPC)",
"ConstraintDescription" : "must be a list of at least two existing subnets associated with at least two different availability zones. They should be residing in the selected Virtual Private Cloud."
},
"InstanceType" : {
"Description" : "WebServer EC2 instance type",
"Type" : "String",
"Default" : "t2.small",
"AllowedValues" : [ "t2.nano", "t2.micro", "t2.small", "t2.medium", "t2.large"],
"ConstraintDescription" : "must be a T2 instance type."
},
"KeyName" : {
"Description" : "The EC2 Key Pair to allow SSH access to the instances",
"Type" : "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription" : "must be the name of an existing EC2 KeyPair."
},
"SSHLocation" : {
"Description" : "The IP address range that can be used to SSH to the EC2 instances",
"Type": "String",
"MinLength": "9",
"MaxLength": "18",
"Default": "0.0.0.0/0",
"AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x."
}
} ,
"Mappings": {
"AWSRegionAMIEC2": {
"ap-northeast-1": {
"AMZLN": "ami-ceafcba8"
},
"ap-southeast-1": {
"AMZLN": "ami-68097514"
},
"ap-southeast-2": {
"AMZLN": "ami-942dd1f6"
},
"eu-central-1": {
"AMZLN": "ami-5652ce39"
},
"eu-west-1": {
"AMZLN": "ami-d834aba1"
},
"us-east-1": {
"AMZLN": "ami-97785bed"
},
"us-west-1": {
"AMZLN": "ami-824c4ee2"
},
"us-west-2": {
"AMZLN": "ami-f2d3638a"
}
}
},
"Resources" : {
"WebServerGroup" : {
"Type" : "AWS::AutoScaling::AutoScalingGroup",
"Properties" : {
"VPCZoneIdentifier" : { "Ref" : "Subnets" },
"LaunchConfigurationName" : { "Ref" : "LaunchConfig" },
"MinSize" : "1",
"MaxSize" : "3",
},
"CreationPolicy" : {
"ResourceSignal" : {
"Timeout" : "PT15M",
"Count" : "1"
}
},
"UpdatePolicy": {
"AutoScalingRollingUpdate": {
"MinInstancesInService": "1",
"MaxBatchSize": "1",
"PauseTime" : "PT15M",
"WaitOnResourceSignals": "true"
}
}
},
"LaunchConfig" : {
"Type" : "AWS::AutoScaling::LaunchConfiguration",
"Metadata" : {
"Comment" : "Install httpd",
"AWS::CloudFormation::Init" : {
"config" : {
"packages" : {
"yum" : {
"httpd" : []
}
}
}
}
},
"Properties" : {
"KeyName" : { "Ref" : "KeyName" },
"ImageId": {
"Fn::FindInMap": [
"AWSRegionAMIEC2",
{
"Ref": "AWS::Region"
},
"AMZLN"
]
},
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"InstanceType" : { "Ref" : "InstanceType" },
"UserData" : { "Fn::Base64" : { "Fn::Join" : ["", [
"#!/bin/bash -xe\n",
"/opt/aws/bin/cfn-init -v ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource LaunchConfig ",
" --region ", { "Ref" : "AWS::Region" }, "\n",
"/opt/aws/bin/cfn-signal -e $? ",
" --stack ", { "Ref" : "AWS::StackName" },
" --resource WebServerGroup ",
" --region ", { "Ref" : "AWS::Region" }, "\n"
]]}}
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access ",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" : { "Ref" : "SSHLocation"}
} ],
"VpcId" : { "Ref" : "VpcId" }
}
}
}
}
YAML
AWSTemplateFormatVersion: 2010-09-09
Parameters:
VpcId:
Type : 'AWS::EC2::VPC::Id'
Description : VpcId of your existing Virtual Private Cloud (VPC)
ConstraintDescription : >-
must be the VPC Id of an existing Virtual Private Cloud
Subnets:
Type: 'List<AWS::EC2::Subnet::Id>'
Description: The list of SubnetIds in your Virtual Private Cloud (VPC)
ConstraintDescription: >-
must be a list of at least two existing subnets associated with at least
two different availability zones. They should be residing in the selected
Virtual Private Cloud.
InstanceType:
Description: WebServer EC2 instance type
Type: String
Default: t2.small
AllowedValues:
- t2.nano
- t2.micro
- t2.small
- t2.medium
- t2.large
ConstraintDescription: must be a T2 instance type.
KeyName:
Description: The EC2 Key Pair to allow SSH access to the instances
Type: 'AWS::EC2::KeyPair::KeyName'
ConstraintDescription: must be the name of an existing EC2 KeyPair.
SSHLocation:
Description: The IP address range that can be used to SSH to the EC2 instances
Type: String
MinLength: '9'
MaxLength: '18'
Default: 0.0.0.0/0
AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Mappings:
AWSRegionAMIEC2:
ap-northeast-1:
AMZLN: ami-ceafcba8
ap-southeast-1:
AMZLN: ami-68097514
ap-southeast-2:
AMZLN: ami-942dd1f6
eu-central-1:
AMZLN: ami-5652ce39
eu-west-1:
AMZLN: ami-d834aba1
us-east-1:
AMZLN: ami-97785bed
us-west-1:
AMZLN: ami-824c4ee2
us-west-2:
AMZLN: ami-f2d3638a
Resources:
WebServerGroup:
Type: 'AWS::AutoScaling::AutoScalingGroup'
Properties:
VPCZoneIdentifier: !Ref Subnets
LaunchConfigurationName: !Ref LaunchConfig
MinSize: '1'
MaxSize: '3'
CreationPolicy:
ResourceSignal:
Timeout: PT15M
Count: '1'
UpdatePolicy:
AutoScalingRollingUpdate:
MinInstancesInService: '1'
MaxBatchSize: '1'
PauseTime: PT15M
WaitOnResourceSignals: 'true'
LaunchConfig:
Type: 'AWS::AutoScaling::LaunchConfiguration'
Metadata:
Comment: Install httpd
'AWS::CloudFormation::Init':
config:
packages:
yum:
httpd: []
Properties:
KeyName: !Ref KeyName
ImageId: !FindInMap
- AWSRegionAMIEC2
- !Ref 'AWS::Region'
- AMZLN
SecurityGroups:
- !Ref InstanceSecurityGroup
InstanceType: !Ref InstanceType
UserData: !Base64
'Fn::Join':
- ''
- - |
#!/bin/bash -xe
- '/opt/aws/bin/cfn-init -v '
- ' --stack '
- !Ref 'AWS::StackName'
- ' --resource LaunchConfig '
- ' --region '
- !Ref 'AWS::Region'
- |+
- '/opt/aws/bin/cfn-signal -e $? '
- ' --stack '
- !Ref 'AWS::StackName'
- ' --resource WebServerGroup '
- ' --region '
- !Ref 'AWS::Region'
- |+
InstanceSecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: 'Enable SSH access '
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: !Ref SSHLocation
VpcId: !Ref VpcId
