Sample CloudFormation JSON to create an AWS EC2 instance
Summary of Sample CloudFormation JSON to create an AWS EC2 instance
This CloudFormation JSON template enables ServiceNow customers to deploy an Amazon EC2 instance running the Amazon Linux AMI, automatically selected based on the region where the stack is launched. It also creates a security group that permits SSH access to the instance. This template is designed for use within ServiceNow catalog items, allowing integration with ServiceNow's data sources for networks, subnets, and key pairs.
Before deploying, it is essential to review the template to understand the AWS services provisioned and ensure that appropriate AWS permissions are granted to avoid deployment failures.
Key Features
- Parameterization: The template allows customization of key deployment attributes such as the EC2 KeyPair name, instance type (supporting a wide range of instance sizes), SSH access IP range, network, availability zone, and subnet pool.
- Metadata Integration: ServiceNow datasources dynamically populate parameters for the subnet pool, network, and key pairs, facilitating consistent and automated configuration within the ServiceNow environment.
- Architecture and AMI Mapping: The template includes mappings to select the appropriate AMI based on the EC2 instance type architecture and AWS region, ensuring the instance uses a compatible Amazon Linux AMI.
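- Security Group Configuration: A security group is created to enable inbound SSH access on port 22, restricted to the CIDR range given in the SSHLocation parameter. That parameter defaults to 0.0.0.0/0 (any address), so set it to a narrower range when ordering.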
- Outputs: Provides the newly created EC2 instance ID and its availability zone, useful for further automation or tracking within ServiceNow.
Practical Considerations for ServiceNow Customers
- Permissions: Verify AWS permissions for creating EC2 instances, security groups, and accessing networking resources before ordering the catalog item to prevent stack creation failures.
- Customization: Modify parameters such as instance type or SSH location IP range according to your organization's needs and security policies.
- Billing Awareness: Using this template will incur AWS charges for the created resources; customers should plan accordingly.
- Network Integration: Leverages ServiceNow pools for networks and subnets to align EC2 instances with your existing cloud network architecture.
Expected Outcomes
Deploying this CloudFormation stack through ServiceNow results in a ready-to-use Amazon EC2 instance with secure SSH access configured. The instance will be launched in the specified subnet and availability zone, using an appropriate Amazon Linux AMI matched to the instance type and AWS region. This integration streamlines cloud resource provisioning directly from ServiceNow while maintaining control over configurations and permissions.
Reference code sample to deploy an Amazon AWS Cloud EC2 instance.
Deploying an AWS EC2 instance using CloudFormation
- While designing a catalog item, review the CloudFormation template to identify the services that are being provisioned. Check that appropriate permissions for those services can be granted, so that the stack does not fail from a lack of permissions when it is ordered. For more information, see Configure permissions on the AWS console.
- Make necessary modifications using this sample as your reference.
{
"AWSTemplateFormatVersion":"2010-09-09",
"Description":"AWS CloudFormation Sample Template EC2InstanceWithSecurityGroupSample: Create an Amazon EC2 instance running the Amazon Linux AMI. The AMI is chosen based on the region in which the stack is run. This example creates an EC2 security group for the instance to give you SSH access. **WARNING** This template creates an Amazon EC2 instance. You will be billed for the AWS resources used if you create a stack from this template.",
"Parameters":{
"KeyName":{
"Description":"Name of an existing EC2 KeyPair to enable SSH access to the instance",
"Type":"AWS::EC2::KeyPair::KeyName",
"Default":"admin-Default",
"ConstraintDescription":"must be the name of an existing EC2 KeyPair."
},
"InstanceType":{
"Description":"WebServer EC2 instance type",
"Type":"String",
"Default":"t2.micro",
"AllowedValues":[
"t1.micro",
"t2.nano",
"t2.micro",
"t2.small",
"t2.medium",
"t2.large",
"m1.small",
"m1.medium",
"m1.large",
"m1.xlarge",
"m2.xlarge",
"m2.2xlarge",
"m2.4xlarge",
"m3.medium",
"m3.large",
"m3.xlarge",
"m3.2xlarge",
"m4.large",
"m4.xlarge",
"m4.2xlarge",
"m4.4xlarge",
"m4.10xlarge",
"c1.medium",
"c1.xlarge",
"c3.large",
"c3.xlarge",
"c3.2xlarge",
"c3.4xlarge",
"c3.8xlarge",
"c4.large",
"c4.xlarge",
"c4.2xlarge",
"c4.4xlarge",
"c4.8xlarge",
"g2.2xlarge",
"g2.8xlarge",
"r3.large",
"r3.xlarge",
"r3.2xlarge",
"r3.4xlarge",
"r3.8xlarge",
"i2.xlarge",
"i2.2xlarge",
"i2.4xlarge",
"i2.8xlarge",
"d2.xlarge",
"d2.2xlarge",
"d2.4xlarge",
"d2.8xlarge",
"hi1.4xlarge",
"hs1.8xlarge",
"cr1.8xlarge",
"cc2.8xlarge"
],
"ConstraintDescription":"must be a valid EC2 instance type."
},
"SSHLocation":{
"Description":"The IP address range that can be used to SSH to the EC2 instances",
"Type":"String",
"MinLength":"9",
"MaxLength":"18",
"Default":"0.0.0.0/0",
"AllowedPattern":"(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})",
"ConstraintDescription":"must be a valid IP CIDR range of the form x.x.x.x/x."
},
"Network":{
"Description":"The network for the EC2 instance",
"Type":"String"
},
"AvailabilityZone":{
"Description":"The AZ of the EC2 instance",
"Type":"String"
},
"SubnetPool":{
"Description":"The subnet in which to launch the EC2 instance",
"Type":"String"
}
},
"Metadata":{
"SNC::Parameter::Metadata":{
"SubnetPool":{
"datasource":"ServiceNow::Pools::SubnetPool.getObjectsByNetwork",
"datasourceFilter":{
"Network":"Network"
}
},
"Network":{
"datasource":"ServiceNow::Pools::NetworkPool.getObjectsByLDC"
},
"KeyName":{
"datasource":"ServiceNow::Pools::CloudKeyPairPool.getObjectsByLDC"
}
}
},
"Mappings":{
"AWSInstanceType2Arch":{
"t1.micro":{
"Arch":"PV64"
},
"t2.nano":{
"Arch":"HVM64"
},
"t2.micro":{
"Arch":"HVM64"
},
"t2.small":{
"Arch":"HVM64"
},
"t2.medium":{
"Arch":"HVM64"
},
"t2.large":{
"Arch":"HVM64"
},
"m1.small":{
"Arch":"PV64"
},
"m1.medium":{
"Arch":"PV64"
},
"m1.large":{
"Arch":"PV64"
},
"m1.xlarge":{
"Arch":"PV64"
},
"m2.xlarge":{
"Arch":"PV64"
},
"m2.2xlarge":{
"Arch":"PV64"
},
"m2.4xlarge":{
"Arch":"PV64"
},
"m3.medium":{
"Arch":"HVM64"
},
"m3.large":{
"Arch":"HVM64"
},
"m3.xlarge":{
"Arch":"HVM64"
},
"m3.2xlarge":{
"Arch":"HVM64"
},
"m4.large":{
"Arch":"HVM64"
},
"m4.xlarge":{
"Arch":"HVM64"
},
"m4.2xlarge":{
"Arch":"HVM64"
},
"m4.4xlarge":{
"Arch":"HVM64"
},
"m4.10xlarge":{
"Arch":"HVM64"
},
"c1.medium":{
"Arch":"PV64"
},
"c1.xlarge":{
"Arch":"PV64"
},
"c3.large":{
"Arch":"HVM64"
},
"c3.xlarge":{
"Arch":"HVM64"
},
"c3.2xlarge":{
"Arch":"HVM64"
},
"c3.4xlarge":{
"Arch":"HVM64"
},
"c3.8xlarge":{
"Arch":"HVM64"
},
"c4.large":{
"Arch":"HVM64"
},
"c4.xlarge":{
"Arch":"HVM64"
},
"c4.2xlarge":{
"Arch":"HVM64"
},
"c4.4xlarge":{
"Arch":"HVM64"
},
"c4.8xlarge":{
"Arch":"HVM64"
},
"g2.2xlarge":{
"Arch":"HVMG2"
},
"g2.8xlarge":{
"Arch":"HVMG2"
},
"r3.large":{
"Arch":"HVM64"
},
"r3.xlarge":{
"Arch":"HVM64"
},
"r3.2xlarge":{
"Arch":"HVM64"
},
"r3.4xlarge":{
"Arch":"HVM64"
},
"r3.8xlarge":{
"Arch":"HVM64"
},
"i2.xlarge":{
"Arch":"HVM64"
},
"i2.2xlarge":{
"Arch":"HVM64"
},
"i2.4xlarge":{
"Arch":"HVM64"
},
"i2.8xlarge":{
"Arch":"HVM64"
},
"d2.xlarge":{
"Arch":"HVM64"
},
"d2.2xlarge":{
"Arch":"HVM64"
},
"d2.4xlarge":{
"Arch":"HVM64"
},
"d2.8xlarge":{
"Arch":"HVM64"
},
"hi1.4xlarge":{
"Arch":"HVM64"
},
"hs1.8xlarge":{
"Arch":"HVM64"
},
"cr1.8xlarge":{
"Arch":"HVM64"
},
"cc2.8xlarge":{
"Arch":"HVM64"
}
},
"AWSRegionArch2AMI":{
"us-east-1":{
"PV64":"ami-2a69aa47",
"HVM64":"ami-6869aa05",
"HVMG2":"ami-a41a3fb3"
},
"us-west-2":{
"PV64":"ami-7f77b31f",
"HVM64":"ami-7172b611",
"HVMG2":"ami-caf253aa"
},
"us-west-1":{
"PV64":"ami-a2490dc2",
"HVM64":"ami-31490d51",
"HVMG2":"ami-00347e60"
},
"eu-west-1":{
"PV64":"ami-4cdd453f",
"HVM64":"ami-f9dd458a",
"HVMG2":"ami-e2f7bd91"
},
"eu-central-1":{
"PV64":"ami-6527cf0a",
"HVM64":"ami-ea26ce85",
"HVMG2":"ami-d2ff04bd"
},
"ap-northeast-1":{
"PV64":"ami-3e42b65f",
"HVM64":"ami-374db956",
"HVMG2":"ami-4c78d52d"
},
"ap-northeast-2":{
"PV64":"NOT_SUPPORTED",
"HVM64":"ami-2b408b45",
"HVMG2":"NOT_SUPPORTED"
},
"ap-southeast-1":{
"PV64":"ami-df9e4cbc",
"HVM64":"ami-a59b49c6",
"HVMG2":"ami-f3f95990"
},
"ap-southeast-2":{
"PV64":"ami-63351d00",
"HVM64":"ami-dc361ebf",
"HVMG2":"ami-3a122e59"
},
"ap-south-1":{
"PV64":"NOT_SUPPORTED",
"HVM64":"ami-ffbdd790",
"HVMG2":"ami-21a7d34e"
},
"us-east-2":{
"PV64":"NOT_SUPPORTED",
"HVM64":"ami-f6035893",
"HVMG2":"NOT_SUPPORTED"
},
"sa-east-1":{
"PV64":"ami-1ad34676",
"HVM64":"ami-6dd04501",
"HVMG2":"NOT_SUPPORTED"
},
"cn-north-1":{
"PV64":"ami-77559f1a",
"HVM64":"ami-8e6aa0e3",
"HVMG2":"NOT_SUPPORTED"
}
}
},
"Resources":{
"EC2Instance":{
"Type":"AWS::EC2::Instance",
"Properties":{
"InstanceType":{
"Ref":"InstanceType"
},
"KeyName":{
"Ref":"KeyName"
},
"SubnetId":{
"Ref":"SubnetPool"
},
"ImageId":{
"Fn::FindInMap":[
"AWSRegionArch2AMI",
{
"Ref":"AWS::Region"
},
{
"Fn::FindInMap":[
"AWSInstanceType2Arch",
{
"Ref":"InstanceType"
},
"Arch"
]
}
]
}
}
},
"InstanceSecurityGroup":{
"Type":"AWS::EC2::SecurityGroup",
"Properties":{
"GroupDescription":"Enable SSH access via port 22",
"SecurityGroupIngress":[
{
"IpProtocol":"tcp",
"FromPort":"22",
"ToPort":"22",
"CidrIp":{
"Ref":"SSHLocation"
}
}
]
}
}
},
"Outputs":{
"InstanceId":{
"Description":"InstanceId of the newly created EC2 instance",
"Value":{
"Ref":"EC2Instance"
}
},
"AZ":{
"Description":"Availability Zone of the newly created EC2 instance",
"Value":{
"Fn::GetAtt":[
"EC2Instance",
"AvailabilityZone"
]
}
}
}
}
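
A pre-deployment check in the spirit of the review step above, as an added example (not ServiceNow or AWS code). It flags an ingress rule whose CIDR parameter defaults to every address, as SSHLocation does in the sample; a security group that no instance references, as with InstanceSecurityGroup and EC2Instance in the sample; and an allowed instance type with no architecture mapping. The names `lint` and `refs` and the trimmed `SAMPLE` template are constructed for illustration.

```python
import ipaddress
import json

# Constructed, trimmed template reusing the sample's parameter and resource names.
SAMPLE = json.loads("""
{"Parameters": {
  "InstanceType": {"Type": "String", "AllowedValues": ["t2.micro", "cg1.4xlarge"]},
  "SSHLocation": {"Type": "String", "Default": "0.0.0.0/0"}},
 "Mappings": {"AWSInstanceType2Arch": {"t2.micro": {"Arch": "HVM64"}}},
 "Resources": {
  "EC2Instance": {"Type": "AWS::EC2::Instance",
    "Properties": {"SubnetId": {"Ref": "SubnetPool"}}},
  "InstanceSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "SecurityGroupIngress": [{"IpProtocol": "tcp", "FromPort": "22",
      "ToPort": "22", "CidrIp": {"Ref": "SSHLocation"}}]}}}}
""")

def refs(node):
    """Yield each logical name reached through Ref or Fn::GetAtt under node."""
    if isinstance(node, dict):
        for key, val in node.items():
            if key == "Ref":
                yield val
            elif key == "Fn::GetAtt":
                yield val[0] if isinstance(val, list) else val.split(".")[0]
            else:
                yield from refs(val)
    elif isinstance(node, list):
        for item in node:
            yield from refs(item)

def lint(template):
    """Return findings for three checks (hypothetical helper, not a ServiceNow API)."""
    params, res = template.get("Parameters", {}), template.get("Resources", {})
    groups = {n: r for n, r in res.items() if r["Type"] == "AWS::EC2::SecurityGroup"}
    out = []
    for name, group in groups.items():  # 1. ingress open to every address by default
        for rule in group.get("Properties", {}).get("SecurityGroupIngress", []):
            cidr = rule.get("CidrIp")
            if isinstance(cidr, dict):  # resolve {"Ref": param} to the param default
                cidr = params.get(cidr.get("Ref"), {}).get("Default")
            if cidr and ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                out.append(f"{name}: port {rule.get('FromPort')} open to {cidr} by default")
    used = {r for x in res.values() if x["Type"] == "AWS::EC2::Instance"
            for r in refs(x.get("Properties", {}))}  # 2. groups no instance refers to
    out += [f"{n}: not referenced by any AWS::EC2::Instance" for n in groups if n not in used]
    arch = template.get("Mappings", {}).get("AWSInstanceType2Arch", {})  # 3. unmapped types
    allowed = params.get("InstanceType", {}).get("AllowedValues", [])
    return out + [f"InstanceType {t}: no AWSInstanceType2Arch entry" for t in allowed if t not in arch]
if __name__ == "__main__": print(*lint(SAMPLE), sep="\n")
```

Check 2 only looks at `AWS::EC2::Instance` resources, so a group attached through a launch template or network interface would need an extra case.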