Cloud formation contd
Change – 4 Create a private route table
- Refer Here for the changes
Change – 5: Add routes to route table to make it public
- For manual steps refer class room video
- Refer Here for cloudformation resource route
- Now execute the changeset
Change -6: Associate subnets to route table
- Associate web subnet to public route table and other subnets to private route table.
- Refer Here for the resource
- Refer Here for the changes to associate route table and update the stack
Change – 7 : Create security groups
- Web:
- Ingress/Incoming:
- Allow ssh (tcp 22) from any where
- Allow http (tcp 80) from any where
- Allow https (tcp 443) from any where
- Egress/Outgoing:
- Allow all traffic
- Ingress/Incoming:
- Refer Here for the changes to create web security group
- App:
- Ingress/Incoming:
- Any tcp port from vpc cidr (10.10.0.0/16)
- Egress/Outgoing:
- Allow all traffic
- Refer Here for the changes done
- Ingress/Incoming:
- DB:
- Ingress/Incoming:
- Any tcp request on 3306 port from vpc cidr
- Ingress/Incoming:
Change – 8: Now apply the stack by changing parameter values
- Change the parameters by updating and using the same template
Concepts
- Changeset Refer Here
- In AWS cf when we update the values after the resources are created i.e. when we change the paramter values, following can happen
- Replacement
- No interruption
- Some interruptions
