Cloud formation contd

Change – 4 Create a private route table

• Refer Here for the changes

Change – 5: Add routes to route table to make it public

• For manual steps refer class room video
• Refer Here for cloudformation resource route
• Now execute the changeset
  

Change -6: Associate subnets to route table

• Associate web subnet to public route table and other subnets to private route table.
• Refer Here for the resource
• Refer Here for the changes to associate route table and update the stack
  
  

Change – 7 : Create security groups

• Web:
  • Ingress/Incoming:
    • Allow ssh (tcp 22) from any where
    • Allow http (tcp 80) from any where
    • Allow https (tcp 443) from any where
  • Egress/Outgoing:
    • Allow all traffic
• Refer Here for the changes to create web security group
• App:
  • Ingress/Incoming:
    • Any tcp port from vpc cidr (10.10.0.0/16)
  • Egress/Outgoing:
    • Allow all traffic
  • Refer Here for the changes done
• DB:
  • Ingress/Incoming:
    • Any tcp request on 3306 port from vpc cidr

Change – 8: Now apply the stack by changing parameter values

• Change the parameters by updating and using the same template
  

Concepts

• Changeset Refer Here
• In AWS cf when we update the values after the resources are created i.e. when we change the paramter values, following can happen
  • Replacement
  • No interruption
  • Some interruptions