Adding an existing security group CloudFormation EC2 template

Question

Instead of having to set ingress and egress rules, how do I reference existing EC2 security groups in a CloudFormation Template?

```
   Resources:
      EC2Instance:
        Type: AWS::EC2::Instance
        Properties:
          InstanceType:
            Ref: InstanceType
          SecurityGroups:
          - Ref: InstanceSecurityGroup
          KeyName:
            Ref: KeyName
          ImageId:
            Fn::FindInMap:
            - AWSRegionArch2AMI
            - Ref: AWS::Region
            - Fn::FindInMap:
              - AWSInstanceType2Arch
              - Ref: InstanceType
              - Arch
      InstanceSecurityGroup:
        Type: AWS::EC2::SecurityGroup
        Properties:
          GroupDescription: Existing Groups
          SecurityGroupIds:
          - Ref: sg-12345
          - Ref: sg-12312
```

-------------------------

```
 
  SecurityGroupIngress:
  - IpProtocol: tcp
    FromPort: 80
    ToPort: 80
    CidrIp: 0.0.0.0/0
  SecurityGroupEgress:
  - IpProtocol: tcp
    FromPort: 80
    ToPort: 80
    CidrIp: 0.0.0.0/0
```

Accepted Answer

Hi,  
To refer to existing Security Groups, you can add them straight into your EC2 Resource Properties, under SecurityGroupIds.

```
Resources:
    EC2Instance:
        Type: AWS::EC2::Instance
        Properties:
            InstanceType:
                Ref: InstanceType
            SecurityGroupIds:
              - sg-12345
              - sg-12312
            KeyName: 
                Ref: KeyName
            ImageId: 
                Fn::FindInMap:
                - AWSRegionArch2AMI
                - Ref: AWS::Region
                - Fn::FindInMap:
                  - AWSInstanceType2Arch
                  - Ref: InstanceType
                  - Arch
```

Hope this helps!  
-randy

Answer

Yes, perfect. Thanks!

Adding an existing security group CloudFormation EC2 template

Conteúdo relevante