AWSTemplateFormatVersion: 2010-09-09
Description: Cloudformation template with errors to fix
Mappings:
  SubnetConfig:
    VPC1:
      CIDR: 10.1.0.0/16
    Public1:
      CIDR: 10.1.0.0/24
Resources:
  VPC1:
    Type: 'AWS::EC2::VPC'
    Properties:
      EnableDnsSupport: 'true'
      EnableDnsHostnames: 'true'
      CidrBlock: !FindInMap
        - SubnetConfig
        - VPC1
        - CIDR
      Tags:
        - Key: Name
          Value: VPC1
        - Key: Application
          Value: !Ref 'AWS::StackName'
        - Key: Network
          Value: VPC
  PublicSubnet1:
    Type: 'AWS::EC2::Subnet'
    Properties:
      VpcId: !Ref VPC1
      AvailabilityZone: !Select
        - '0'
        - !GetAZs ''
      CidrBlock: !FindInMap
        - SubnetConfig
        - Public1
        - CIDR
      Tags:
        - Key: Application
          Value: !Ref 'AWS::StackName'
        - Key: Network
          Value: Public1
        - Key: Name
          Value: PublicSubnet1
  InternetGateway1:
    Type: 'AWS::EC2::InternetGateway'
    Properties:
      Tags:
        - Key: Application
          Value: !Ref 'AWS::StackName'
        - Key: Network
          Value: Public
  Gateway1ToInternet:
    Type: 'AWS::EC2::VPCGatewayAttachment'
    Properties:
      VpcId: !Ref VPC1
      InternetGatewayId: !Ref InternetGateway1
  Public1RouteTable:
    Type: 'AWS::EC2::RouteTable'
    Properties:
      VpcId: !Ref VPC1
      Tags:
        - Key: Application
          Value: !Ref 'AWS::StackName'
        - Key: Network
          Value: Public
        - Key: Name
          Value: Public1-RT
  Public1Route:
    Type: 'AWS::EC2::Route'
    DependsOn: Gateway1ToInternet
    Properties:
      RouteTableId: !Ref Public1RouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway1
  Public1SubnetRouteTableAssociation1:
    Type: 'AWS::EC2::SubnetRouteTableAssociation'
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref Public1RouteTable
  Public1NetworkAcl:
    Type: 'AWS::EC2::NetworkAcl'
    Properties:
      VpcId: !Ref VPC1
      Tags:
        - Key: Application
          Value: !Ref 'AWS::StackName'
        - Key: Network
          Value: Public
        - Key: Name
          Value: Public1-NACL
  InboundSSHPublic1NetworkAclEntry:
    Type: 'AWS::EC2::NetworkAclEntry'
    Properties:
      NetworkAclId: !Ref Public1NetworkAcl
      RuleNumber: '102'
      Protocol: '6'
      RuleAction: allow
      Egress: 'false'
      CidrBlock: 0.0.0.0/0
      PortRange:
        From: '22'
        To: '22'
  InboundEmphemeralPublic1NetworkAclEntry:
    Type: 'AWS::EC2::NetworkAclEntry'
    Properties:
      NetworkAclId: !Ref Public1NetworkAcl
      RuleNumber: '103'
      Protocol: '6'
      RuleAction: allow
      Egress: 'false'
      CidrBlock: 0.0.0.0/0
      PortRange:
        From: '1024'
        To: '65535'
  OutboundPublic1NetworkAclEntry:
    Type: 'AWS::EC2::NetworkAclEntry'
    Properties:
      NetworkAclId: !Ref Public1NetworkAcl
      RuleNumber: '100'
      Protocol: '6'
      RuleAction: allow
      Egress: 'true'
      CidrBlock: 0.0.0.0/0
      PortRange:
        From: '0'
        To: '65535'
  Public1SubnetNetworkAclAssociation1:
    Type: 'AWS::EC2::SubnetNetworkAclAssociation'
    Properties:
      SubnetId: !Ref PublicSubnet1
      NetworkAclId: !Ref Public1NetworkAcl
  EC2PublicSecurityGroup1:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable access to the EC2 host
      VpcId: !Ref VPC1
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
        - IpProtocol: icmp
          FromPort: '-1'
          ToPort: '-1'
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: SG-Public1
  Instance1:
    Type: 'AWS::EC2::Instance'
    Properties:
      InstanceType: t3.micro
      ImageId: ami-0c02fb55956c7d317
      KeyName: useast1key
      UserData: !Base64
        'Fn::Join':
          - ''
          - - |
              #!/bin/bash
            - |
              /bin/echo '%password%' | /bin/passwd cloud_user --stdin
      NetworkInterfaces:
        - GroupSet:
            - !Ref EC2PublicSecurityGroup
          AssociatePublicIpAddress: 'true'
          DeviceIndex: '0'
          DeleteOnTermination: 'true'
          SubnetId: !Ref PublicSubnet1
      Tags:
        - Key: Name
          Value: Instance1
Outputs:
  pubIpAddress1:
    Description: 'PUBLIC ip address of INSTANCE1 '
    Value: !GetAtt
      - Instance1
      - PublicIp
  privIpAddress1:
    Description: 'PRIVATE ip address of INSTANCE1 '
    Value: !GetAtt
      - Instance1
      - PrivateIp