I have the following CloudFormation template that I use to create an EC2 instance in a single public subnet in a single availability zone. I have attach the internet gateway to the VPC and created ingress and egress routes to allow SSH connection to the EC2 instance.
Below is my CF template
AWSTemplateFormatVersion: "2010-09-09"
Description: "CF template for test website. v1.0.0. DEV Env"
Metadata:
Instances:
Description: "This is the dev environment architecture. Use the dev settings when setting up this environment"
Parameters:
ECommKeyPair:
Type: AWS::EC2::KeyPair::KeyName
Description: Select the dev key pair for the region
Resources:
DevEnvInternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Environment
Value: Dev
- Key: WebsiteName
Value: test
DevEnvVpc:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 10.0.1.1/16
EnableDnsHostnames: 'true'
EnableDnsSupport: 'true'
Tags:
- Key: Environment
Value: Dev
- Key: WebsiteName
Value: test
DevEnvVpcIgwAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId:
Ref: DevEnvVpc
InternetGatewayId:
Ref: DevEnvInternetGateway
DevEnvPublicSubnet:
Type: AWS::EC2::Subnet
Properties:
VpcId:
Ref: DevEnvVpc
CidrBlock: 10.0.1.1/16
AvailabilityZone: "us-west-2a"
MapPublicIpOnLaunch: 'true'
Tags:
- Key: Environment
Value: Dev
- Key: WebsiteName
Value: test
DevEnvSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Allow all inbound (ingress) and outbound (egress) traffic for port 22
GroupName: test-website-sec-group
VpcId:
Ref: DevEnvVpc
SecurityGroupIngress:
- CidrIp: 0.0.0.0/0
Description: allow all inbound traffic
IpProtocol: tcp
FromPort: 22
ToPort: 22
SecurityGroupEgress:
- CidrIp: 0.0.0.0/0
Description: allow all outbound traffic
IpProtocol: tcp
FromPort: 22
ToPort: 22
Tags:
- Key: Environment
Value: Dev
- Key: WebsiteName
Value: test
DevEnvRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId:
Ref: DevEnvVpc
Tags:
- Key: Environment
Value: Dev
- Key: WebsiteName
Value: test
DevEnvRoute:
Type: AWS::EC2::Route
Properties:
DestinationCidrBlock: 0.0.0.0/0
GatewayId:
Ref: DevEnvInternetGateway
RouteTableId:
Ref: DevEnvRouteTable
DevEnvEc2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType: t2.micro
ImageId: ami-00f7e5c52c0f43726
AvailabilityZone: "us-west-2a"
KeyName:
Ref: ECommKeyPair
SecurityGroupIds:
- !GetAtt "DevEnvSecurityGroup.GroupId"
SubnetId:
Ref: DevEnvPublicSubnet
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: 20
VolumeType: gp2
Tags:
- Key: Environment
Value: Dev
- Key: WebsiteName
Value: test
I am using Putty to connect to the EC2 instance with the private key file(ppk) that I associated with the EC2 instance. When tried to connect to instance with Putty, it is receiving the "Network error: Connection timed out" error message.
I even cannot connect to the instance using the AWS inbuilt "EC2 Instance Connect" through the web browser as well.
Greatly appreciate if you could point out to me the issue in my CF template.
CodePudding user response:
You forgot to create AWS::EC2::SubnetRouteTableAssociation:
DevRouteAssos:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId: !Ref DevEnvRouteTable
SubnetId: !Ref DevEnvPublicSubnet