
VPC Configuration


Acquiring Default Subnet ID

  1. In the Amazon EC2 Console, go to VPC > Virtual Private Cloud > Your VPCs.

  2. Save your VPC ID (marked as Default VPC).

  3. Go to VPC > Virtual Private Cloud > Your VPCs and select any of the subnets that have the same Default VPC ID. Copy the Subnet ID and paste it into your SAM Template.

    # For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC.
    # Required: Yes
    # More info about VpcConfig https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html
    VpcConfig:
      SecurityGroupIds:
        - ''
      SubnetIds:
        - ''

Acquiring Security Group ID

  1. In the Amazon EC2 Console, go to VPC > Security > Security Groups.

  2. Create a Security Group and fill out the Basic Details with the following fields:

    1. Enter a Security Group Name and Description that describe your group or project. In the example below, the Security Group Name is title-matchmaking-app.
    2. Choose the VPC with the Default VPC ID you saved when acquiring the subnet ID.
  3. Add rules to a security group. Create two inbound rules and one outbound rule.

    1. Create two Inbound Rules with the following parameters:
      1. Select Custom TCP as the Type and define the port range. 6379 has been used in the example below.
      2. Select Anywhere for the Source to allow all traffic from the specified protocol to reach your instance. This option will automatically add a 0.0.0.0/0 IPv4 CIDR block as the source.
      3. (Optional) Specify the description of the Rule.
    2. Create one Outbound Rule with the following parameters:
      1. Select All as the Type. The protocol and port range will be configured automatically.
      2. Select Custom as the Destination. You will need to input the IP address in CIDR notation, a CIDR block, another security group, or a prefix list to allow outbound traffic.
      3. (Optional) Specify the description of the Rule.
  4. Click the Create Security Group button. An overview of your security group will be displayed. Copy the security group ID and paste it into your SAM Template.

    # For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC.
    # Required: Yes
    # More info about VpcConfig https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html
    VpcConfig:
      SecurityGroupIds:
        - ''
      SubnetIds:
        - ''