salt cloud cant' set security group in ec2

Question

I'm launching windows ec2 instances using salt cloud. However I'm unable to set the security group. Instead of giving the instance the SG I specify, it gives you the 'default' security group.

Here's my cloud profile definition:

ec2_private_win_app1_c4.2xlarge:
provider: company-nonpod-us-east-1
image: ami-xxxxxx
size: c4.2xlarge
network_interfaces:
    - DeviceIndex: 0
PrivateIpAddresses:
    - Primary: True
#auto assign public ip (not EIP)
AssociatePublicIpAddress: False
SubnetId: subnet-xxxxx
SecurityGroupId: sg-xxxxxx
block_device_mappings:
   - DeviceName: /dev/sda1
     Ebs.VolumeSize: 120
     Ebs.VolumeType: gp2
   - DeviceName: /dev/sdf
     Ebs.VolumeSize: 100
     Ebs.VolumeType: gp2

The yaml checks out when I parse it with an online yaml checker. What can I do differently to get the security group I specify instead of the 'default' security group?

I also wanted to comment on this, there have been some issues with the latest version of Salt-Cloud which involved parsing security groups at deploy time. I'd recommend checking out their github issues (https://github.com/saltstack/salt/issues) for anything that looks comparable, it might be a bug; I had issues with version 2016.11.1 — Mr.Budris, Dec 22 '16 at 16:31

Mr.Budris · Answer 1 · 2016-12-13T22:00:53.600

0

If the security group (SG) is not in the same Virtual Private Cloud (VPC) as the subnet you are specifying it will fail to apply the security group to the instance.

edited Dec 13 '16 at 22:00

answered Dec 13 '16 at 21:42

Mr.Budris

552
5
21

salt cloud cant' set security group in ec2

1 Answers1