
I am trying to write a CloudFormation template where a security group ingress rule will contain a security group of an existing EC2 instance. It should have the following properties:

  • The user doesn't have to enter the security group as a parameter.
  • CloudFormation will not create the EC2 instance.
  • Instead, CloudFormation will search for that existing instance, find out its security group, and then we will use that, using Fn::GetAttr maybe.

I know we can do a describe-instances from the AWS CLI and put the security group as input to the CloudFormation template, but I was thinking: can the same be done from the CloudFormation template itself?

A small example would be helpful. Thanks.


1 Answer


> I was thinking: can the same be done from the CloudFormation template itself?

Yes, it can be done using custom resources. The custom resource would be a Lambda function which would use the AWS SDK's describe-instances to do the search, find the security group id, and return it to CloudFormation.

Regarding the example, you can have a look at my answer to this question. For that answer I developed a similar custom resource. It was getting info about Elastic Beanstalk resources, but it could be modified to use describe_instances instead of describe_environment_resources to suit your needs.
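The lookup Lambda described in the answer, written out as an added example (it is not the answerer's code, and the resource type `Custom::InstanceSecurityGroups`, the `Filters` property and the placeholder instance and group ids are assumptions made for this illustration). The EC2 client is injectable so the handler can be exercised offline against a constructed `DescribeInstances` response; in Lambda it falls back to `boto3.client("ec2")`. The lookup fails the stack update rather than guessing when the filters match zero or several instances, which is the case a practitioner most wants caught, and the function only ever needs `ec2:DescribeInstances` in its role.

```python
import json
import urllib.request

# Constructed sample of what EC2 DescribeInstances returns for one matching
# instance. It stands in for the real boto3 call so the example runs offline.
# Instance and group ids are placeholders, not real resources.
SAMPLE_DESCRIBE_RESPONSE = {
    "Reservations": [{
        "Instances": [{
            "InstanceId": "i-0123456789abcdef0",
            "SecurityGroups": [
                {"GroupId": "sg-0aaa111122223333a", "GroupName": "web-sg"},
                {"GroupId": "sg-0bbb444455556666b", "GroupName": "ssh-sg"},
            ],
        }]
    }]
}


class FakeEc2Client:
    """Minimal stand-in for boto3's EC2 client, used for offline runs."""

    def __init__(self, response):
        self._response = response

    def describe_instances(self, **kwargs):
        return self._response


def security_group_ids_for_instance(ec2, filters):
    """Return the security group ids of the single instance matching `filters`.

    Raises ValueError when zero or more than one instance matches, so the
    custom resource fails loudly instead of silently picking one.
    """
    resp = ec2.describe_instances(Filters=filters)
    instances = [i for r in resp.get("Reservations", [])
                 for i in r.get("Instances", [])]
    if len(instances) != 1:
        raise ValueError(f"expected exactly one instance, found {len(instances)}")
    ids = [g["GroupId"] for g in instances[0].get("SecurityGroups", [])]
    if not ids:
        raise ValueError("matched instance has no security groups")
    return ids


def send_cfn_response(event, status, data, reason=""):
    """PUT the response document CloudFormation expects from a custom resource."""
    body = json.dumps({
        "Status": status,
        "Reason": reason or "see CloudWatch logs",
        "PhysicalResourceId": event.get("PhysicalResourceId") or event["LogicalResourceId"],
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        "Data": data,        # keys here become available to Fn::GetAtt
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)


def handler(event, context, ec2=None, respond=send_cfn_response):
    """Lambda entry point backing the hypothetical Custom::InstanceSecurityGroups.

    ResourceProperties is expected to carry a `Filters` list in DescribeInstances
    shape, e.g. [{"Name": "tag:Name", "Values": ["web"]}] (an assumed property).
    """
    if event.get("RequestType") == "Delete":
        respond(event, "SUCCESS", {})   # read-only resource: nothing to clean up
        return {}
    try:
        if ec2 is None:
            import boto3                 # only needed when running inside Lambda
            ec2 = boto3.client("ec2")
        filters = event["ResourceProperties"]["Filters"]
        ids = security_group_ids_for_instance(ec2, filters)
        data = {"GroupIds": ",".join(ids), "FirstGroupId": ids[0]}
        respond(event, "SUCCESS", data)
        return data
    except Exception as exc:             # any failure must reach CloudFormation,
        respond(event, "FAILED", {}, reason=str(exc))  # or the stack hangs
        return {}


if __name__ == "__main__":
    # Offline run against the constructed response, with the HTTP PUT replaced.
    event = {"RequestType": "Create", "ResponseURL": "https://example.invalid/",
             "StackId": "stack", "RequestId": "req", "LogicalResourceId": "Lookup",
             "ResourceProperties": {"Filters": [{"Name": "tag:Name", "Values": ["web"]}]}}
    print(handler(event, None, ec2=FakeEc2Client(SAMPLE_DESCRIBE_RESPONSE),
                  respond=lambda e, s, d, reason="": print(s, reason)))
```

On the template side the resource would be declared with `Type: Custom::InstanceSecurityGroups`, a `ServiceToken` set to the function's ARN and the `Filters` property, and the ingress rule would reference `!GetAtt Lookup.FirstGroupId` as its `SourceSecurityGroupId`. Because the lookup reads nothing but instance metadata, the function's execution role needs only `ec2:DescribeInstances` plus the usual CloudWatch Logs permissions; keeping the `Data` payload down to ids also avoids leaking more instance detail than the stack needs into CloudFormation's stored responses.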