AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VPCCIDR:
    Type: String
    Default: 10.1.0.0/16
  PrivateSubnetCIDR:
    Type: String
    Default: 10.1.1.0/24
  PublicSubnetCIDR:
    Type: String
    Default: 10.1.2.0/24
Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VPCCIDR
      Tags:
        - Key: Name
          Value: VPC
  PrivateSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: !Ref PrivateSubnetCIDR
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PrivateSubnet
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      CidrBlock: !Ref PublicSubnetCIDR
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PublicSubnet
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: InternetGateway
  GatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC
  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PublicRouteTable
  Route:
    Type: AWS::EC2::Route
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway
      RouteTableId: !Ref PublicRouteTable
  PublicRouteAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet
  NatSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'Nat Security Group'
      GroupName: NatSecurityGroup
      SecurityGroupIngress:
        - CidrIp: !Ref PrivateSubnetCIDR
          Description: 'Private Subnet traffic'
          FromPort: -1
          ToPort: -1
          IpProtocol: -1
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: NatSecurityGroup
  NatInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-003acd4f8da7e06f9
      InstanceType: t2.micro
      KeyName: marjan
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref NatSecurityGroup
      SourceDestCheck: false
      Tags:
        - Key: Name
          Value: NatInstance
  EIP:
    Type: AWS::EC2::EIP
    Properties:
      InstanceId: !Ref NatInstance
      Tags:
        - Key: Name
          Value: EIP
  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PrivateRouteTable
  NATRoute:
    Type: AWS::EC2::Route
    Properties:
      DestinationCidrBlock: 0.0.0.0/0
      InstanceId: !Ref NatInstance
      RouteTableId: !Ref PrivateRouteTable
  PrivateRouteAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      SubnetId: !Ref PrivateSubnet
  JumpBoxSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'JumpBox Security Group'
      GroupName: JumpBoxSG
      SecurityGroupIngress:
        - CidrIp: 62.162.179.210/32
          Description: 'SSH'
          FromPort: 22
          ToPort: 22
          IpProtocol: tcp
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: JumpBoxSecurityGroup
  JumpBoxEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-08e4e35cccc6189f4
      InstanceType: t2.micro
      NetworkInterfaces:
        - AssociatePublicIpAddress: "true"
          DeviceIndex: "0" ### assigns a public IP address to the first interface
          SubnetId: !Ref PublicSubnet
          GroupSet:
            - !Ref JumpBoxSecurityGroup
      KeyName: marjan
      Tags:
        - Key: Name
          Value: JumpBoxEC2Instance
  # Network part ends here
  PublicEC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'EC2Public'
      SecurityGroupIngress:
        - CidrIp: 0.0.0.0/0
          Description: 'http'
          FromPort: 80
          ToPort: 80
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref JumpBoxSecurityGroup
          Description: 'ssh Jumpbox'
          FromPort: 22
          ToPort: 22
          IpProtocol: tcp
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PublicEC2SecurityGroup
  PublicEC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-0022f774911c1d690
      InstanceType: t2.micro
      NetworkInterfaces:
        - AssociatePublicIpAddress: "true"
          DeviceIndex: "0"
          SubnetId: !Ref PublicSubnet
          GroupSet:
            - !Ref PublicEC2SecurityGroup
      KeyName: marjan
      Tags:
        - Key: Name
          Value: PublicEC2Instance
  PrivateEC2SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'EC2Public'
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref PublicEC2SecurityGroup
          Description: 'MySQL From Public EC2'
          FromPort: 3306
          ToPort: 3306
          IpProtocol: tcp
        - SourceSecurityGroupId: !Ref JumpBoxSecurityGroup
          Description: 'SSH From JumpBox'
          FromPort: 22
          ToPort: 22
          IpProtocol: tcp
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: PrivateEC2SecurityGroup
  PrivateEC2tInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-0022f774911c1d690
      InstanceType: t2.micro
      SubnetId: !Ref PrivateSubnet
      KeyName: marjan
      SecurityGroupIds:
        - !Ref PrivateEC2SecurityGroup
      Tags:
        - Key: Name
          Value: PrivateEC2tInstance
Here is my code. I am having trouble connecting to the jumpbox instance: the instance is running, but when I try to connect to it, it gives me "connect to host 54.145.162.171 port 22: Connection timed out".
I am using the commands in the screenshot. I have no idea what's causing this problem; I cannot SSH to anything. If anyone has an idea how to solve this, or has a few methods for solving this, please let me know.
CodePudding user response:
Everything is fine except that you constrained your JumpBoxEC2Instance to be accessed only from 62.162.179.210/32. This is probably not your real address, even if you may think it is. If you double check your IP, or change the SG as shown below, it should work:
JumpBoxSecurityGroup:
  Type: AWS::EC2::SecurityGroup
  Properties:
    GroupDescription: 'JumpBox Security Group'
    GroupName: JumpBoxSG
    SecurityGroupIngress:
      - CidrIp: 0.0.0.0/0
        Description: 'SSH'
        FromPort: 22
        ToPort: 22
        IpProtocol: tcp
    VpcId: !Ref VPC
    Tags:
      - Key: Name
        Value: JumpBoxSecurityGroup
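A quick way to reproduce the timeout in the question and to review the answer's fix before deploying it, as an added example that is not part of the original post or the answer: the ingress rules from the template's JumpBoxSecurityGroup, the answer's 0.0.0.0/0 version and the NatSecurityGroup are modelled as plain dicts (the !Ref to PrivateSubnetCIDR is replaced by its default 10.1.1.0/24), and the client address 62.162.180.5 is a constructed example of an ISP-reassigned IP. Only the standard library is used, so it runs offline.

```python
import ipaddress

# Ingress rules copied from the question's template and the answer's change.
JUMPBOX_SG_ORIGINAL = [
    {"CidrIp": "62.162.179.210/32", "FromPort": 22, "ToPort": 22, "IpProtocol": "tcp"},
]
JUMPBOX_SG_ANSWER = [
    {"CidrIp": "0.0.0.0/0", "FromPort": 22, "ToPort": 22, "IpProtocol": "tcp"},
]
# NatSecurityGroup: IpProtocol -1 means every protocol and every port.
NAT_SG = [
    {"CidrIp": "10.1.1.0/24", "FromPort": -1, "ToPort": -1, "IpProtocol": -1},
]


def rule_allows(rule, client_ip, port, protocol="tcp"):
    """True if one CidrIp-based ingress rule admits client_ip on port/protocol."""
    if "CidrIp" not in rule:  # SourceSecurityGroupId rules are not CIDR based
        return False
    proto = str(rule["IpProtocol"])
    if proto != "-1" and proto != protocol:
        return False
    if proto != "-1" and not (rule["FromPort"] <= port <= rule["ToPort"]):
        return False
    net = ipaddress.ip_network(rule["CidrIp"], strict=False)
    return ipaddress.ip_address(client_ip) in net


def ssh_reachable(rules, client_ip):
    """True if any rule lets client_ip reach TCP/22 (the check behind the timeout)."""
    return any(rule_allows(r, client_ip, 22) for r in rules)


def world_open_ports(rules):
    """Port ranges (or 'all') exposed to 0.0.0.0/0 or ::/0, i.e. what to flag in review."""
    found = []
    for r in rules:
        cidr = r.get("CidrIp") or r.get("CidrIpv6")
        if cidr and ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
            proto_all = str(r["IpProtocol"]) == "-1"
            found.append("all" if proto_all else (r["FromPort"], r["ToPort"]))
    return found


if __name__ == "__main__":
    # Constructed client address that is not the /32 in the template.
    print(ssh_reachable(JUMPBOX_SG_ORIGINAL, "62.162.180.5"))    # timeout case
    print(ssh_reachable(JUMPBOX_SG_ORIGINAL, "62.162.179.210"))  # the allowed /32
    print(world_open_ports(JUMPBOX_SG_ANSWER))                    # what the fix opens
```

Replacing the /32 with the address you actually egress from keeps SSH reachable without `world_open_ports` reporting anything for the jump box.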