Why can't I use the AWS EC2 instance created by my AWS CloudFormation template?

Time: 2019-04-24 15:20:16

Tags: amazon-web-services amazon-ec2 ssh yaml amazon-cloudformation

I am creating an EC2 instance with CloudFormation, specifying the VPC, subnet and security group. However, once the instance spins up I cannot ssh into it and get the following message:

ssh -i aws_jenkins.pem ec2-user@34.217.129.89

The authenticity of host '34.217.129.89 (34.217.129.89)' can't be established.
ECDSA key fingerprint is SHA256:rs3bjVKolzdmktzfiSd0Oo5RU6dLdT/PGHpycStgFK8.
ECDSA key fingerprint is MD5:7f:cc:61:c4:f3:1a:b7:45:9a:f0:da:e8:0c:a4:d9:bc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '34.217.129.89' (ECDSA) to the list of known hosts.
Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

However, if I create another EC2 instance from the AWS console using the same ImageId, VPC, subnet, SecurityGroup and key, I can SSH into it.

So why does the instance created through CloudFormation not accept SSH?

I have not been able to resolve this and would greatly appreciate any insight or solution.

AWSTemplateFormatVersion: 2010-09-09

Parameters:

  EnvironmentName:
    Description: An environment name that will be prefixed to resource names
    Type: String

  VpcCIDR: 
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: 10.192.0.0/16

  PublicSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
    Type: String
    Default: 10.192.10.0/24

  PublicSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone
    Type: String
    Default: 10.192.11.0/24

  InstanceType:
    Description: WebServer EC2 instance type
    Type: String
    Default: t2.micro
    AllowedValues: [ t1.micro, t2.nano, t2.micro, t2.small, t2.medium]
    ConstraintDescription : must be a valid EC2 instance type.

  KeyName:
    Description: The EC2 Key Pair to allow SSH access to the instances
    Type: AWS::EC2::KeyPair::KeyName
    Default: jenkins-test
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

  SSHLocation: 
    Description: The IP address range that can be used to SSH to the EC2 instances
    Type: String
    MinLength: 9
    MaxLength: 18
    Default: 0.0.0.0/0
    AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
    ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.

Resources:

  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags: 
      - Key: Name
        Value: !Ref EnvironmentName

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    DependsOn: VPC
    Properties:
      Tags:
      - Key: Name
        Value: !Ref EnvironmentName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  PublicSubnet1: 
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs ]
      CidrBlock: !Ref PublicSubnet1CIDR
      MapPublicIpOnLaunch: true
      Tags: 
      - Key: Name 
        Value: !Sub ${EnvironmentName}-Public-Subnet-(AZ1)

  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs ]
      CidrBlock: !Ref PublicSubnet2CIDR
      MapPublicIpOnLaunch: true
      Tags:
      - Key: Name
        Value: !Sub ${EnvironmentName}-Public-Subnet-(AZ2)     

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties: 
      VpcId: !Ref VPC
      Tags: 
      - Key: Name 
        Value: !Sub ${EnvironmentName} Public Routes

  DefaultPublicRoute: 
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties: 
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2


  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable SSH access and HTTP to instance
      SecurityGroupIngress:
      - IpProtocol: tcp
        FromPort: 22
        ToPort: 22
        CidrIp: !Ref SSHLocation

      - IpProtocol: tcp
        FromPort: 80
        ToPort: 80
        CidrIp: !Ref SSHLocation
      VpcId: !Ref VPC
      Tags:
      - Key: Name
        Value: TestSecurity_group

  MyInstance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: ami-061392db613a6357b
      InstanceType: !Ref InstanceType
      SubnetId: !Ref PublicSubnet1
      KeyName: !Ref KeyName
      SecurityGroupIds:
      - !Ref InstanceSecurityGroup
      Tags:
      - Key: Name
        Value: TestServer

1 answer:

Answer 0 (score: 0)

In your parameters you have:

  KeyName:
    Description: The EC2 Key Pair to allow SSH access to the instances
    Type: AWS::EC2::KeyPair::KeyName
    Default: jenkins-test
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

  1. Are you building with this default parameter?
  2. Are you sure you are using the correct, matching key?
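The answer's two questions can be settled before touching the instance: the ssh command in the question used aws_jenkins.pem while the template's KeyName default is jenkins-test, and a "Permission denied (publickey)" with an otherwise identical console-launched instance working is exactly what a key pair mismatch looks like. The script below is an added example, not code from the question or the answer. Its function names (fp_aws_generated, fp_imported, key_matches, host_key_in_console) and the console.txt file name are this example's own; the two fingerprint recipes are the ones AWS documents for RSA key pairs (SHA-1 over the DER PKCS#8 private key for pairs AWS generated, MD5 over the DER public key for imported pairs), and `aws ec2 describe-key-pairs` / `aws ec2 get-console-output` are real AWS CLI commands that need credentials, so they only run when arguments are given. ED25519 key pairs are fingerprinted differently and are not covered.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): confirm the local .pem is the private
# half of the key pair the stack references, and confirm the ECDSA host fingerprint
# ssh showed against what the instance itself logged, before typing "yes".
set -eu

# Fingerprint AWS reports for an RSA key pair that AWS generated:
# SHA-1 of the DER-encoded PKCS#8 private key, colon-separated hex (AWS documented method).
fp_aws_generated() {
  openssl pkcs8 -in "$1" -inform PEM -outform DER -topk8 -nocrypt 2>/dev/null \
    | openssl sha1 -c | awk '{print $NF}'
}

# Fingerprint AWS reports for an RSA key pair that was imported into AWS:
# MD5 of the DER-encoded public key (AWS documented method).
fp_imported() {
  openssl rsa -in "$1" -pubout -outform DER 2>/dev/null \
    | openssl md5 -c | awk '{print $NF}'
}

# Returns 0 when the .pem ($1) matches the KeyFingerprint AWS reports ($2), 1 otherwise.
# Either recipe may match, so both are tried; AWS prints lowercase hex, so normalise.
key_matches() {
  want=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  [ "$(fp_aws_generated "$1")" = "$want" ] || [ "$(fp_imported "$1")" = "$want" ]
}

# Returns 0 when the saved console output ($1) contains the host-key fingerprint ($2)
# exactly as ssh printed it, e.g. SHA256:rs3bjVKolzdmktzfiSd0Oo5RU6dLdT/PGHpycStgFK8.
# Amazon Linux logs its SSH host key fingerprints to the console at first boot.
host_key_in_console() {
  grep -F -q -- "$2" "$1"
}

# Usage: ./check_keypair.sh aws_jenkins.pem jenkins-test [<instance-id> SHA256:...]
# (instance id is a placeholder you supply; nothing below runs without arguments)
if [ "$#" -ge 2 ]; then
  reported=$(aws ec2 describe-key-pairs --key-names "$2" \
               --query 'KeyPairs[0].KeyFingerprint' --output text)
  if key_matches "$1" "$reported"; then
    echo "OK: $1 is the private half of key pair '$2' ($reported)"
  else
    echo "MISMATCH: $1 does not match key pair '$2' ($reported); use the .pem for '$2'"
  fi
  if [ "$#" -eq 4 ]; then
    aws ec2 get-console-output --instance-id "$3" --output text > console.txt
    if host_key_in_console console.txt "$4"; then
      echo "host key $4 verified against console output"
    else
      echo "host key $4 NOT found in console output; do not accept it blindly"
    fi
  fi
fi
```

If key_matches reports a mismatch, the CloudFormation parameter (or the .pem on disk) is the problem, not the instance. Separately from the login failure, the template's SSHLocation default of 0.0.0.0/0 opens ports 22 and 80 to the whole internet; passing the administrator's own CIDR for that parameter is the cheapest hardening available here.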