CloudFormation YAML for connecting to an EC2 Windows Server 2025 instance over RDP

AWSTemplateFormatVersion: '2010-09-09'
Description: >
  Create a new VPC, Subnet, and a Windows Server EC2 instance with RDP enabled (no parameters needed).

Resources:
  #------------------------------------
  # VPC
  #------------------------------------
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: DemoVPC

  #------------------------------------
  # Internet Gateway + VPC attachment
  #------------------------------------
  MyInternetGateway:
    Type: AWS::EC2::InternetGateway

  MyVPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref MyInternetGateway
      VpcId: !Ref MyVPC

  #------------------------------------
  # Public Route Table + route configuration
  #------------------------------------
  MyRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC

  MyRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref MyRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref MyInternetGateway

  #------------------------------------
  # Public Subnet + RouteTable association
  #------------------------------------
  MySubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.1.0/24
      MapPublicIpOnLaunch: true
      AvailabilityZone: !Select
        - 0
        - !GetAZs ''
      Tags:
        - Key: Name
          Value: DemoSubnet

  MySubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref MySubnet
      RouteTableId: !Ref MyRouteTable

  #------------------------------------
  # Security Group for RDP
  #------------------------------------
  WindowsSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security group for Windows RDP
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 3389
          ToPort: 3389
          CidrIp: 0.0.0.0/0  # In real use, restrict this to the source IP you connect from

  #------------------------------------
  # Windows Server EC2 Instance
  #------------------------------------
  WindowsInstance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t3.micro
      ImageId: !Sub "{{resolve:ssm:/aws/service/ami-windows-latest/Windows_Server-2025-English-Full-Base:1}}"
      SubnetId: !Ref MySubnet
      SecurityGroupIds:
        - !Ref WindowsSecurityGroup
      # Example that specifies no KeyName and instead sets the Administrator password directly via UserData
      # The password is in plain text, so this is for demo use only
      UserData:
        Fn::Base64: !Sub |
          <powershell>
          net user Administrator "P@ssw0rd123"
          </powershell>

Outputs:
  InstanceId:
    Description: EC2 Instance ID
    Value: !Ref WindowsInstance

  PublicIp:
    Description: Public IP Address of the Windows Instance
    Value: !GetAtt WindowsInstance.PublicIp

• You can find your current global IP via a search site or your router's admin page (for example, search for "What is my IP").
• If you have a dynamic IP (one your provider changes frequently), restricting the rule to a specific IP like this means you will have to update it each time it changes.
• If you want to allow a range instead, change the CIDR block, for example to 203.0.113.0/24.
• Opening the port to everyone with "0.0.0.0/0" is not recommended in production. Limit the permitted global IP range as tightly as possible to strengthen security.
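The two weaknesses the template and the notes above point out (RDP reachable from 0.0.0.0/0, and an Administrator password written in plain text into UserData) are easy to catch before a stack is deployed. The following is an added example, not code from the article: a small linter that walks a template given as a parsed dict (the JSON form CloudFormation also accepts; loading the YAML form with `!Ref`-style tags needs a YAML loader with tag support and is not shown). The function names (`lint_template`, `flatten_text`, `resolve_cidr`), the constructed `WEAK_TEMPLATE` and `HARDENED_TEMPLATE`, the `AllowedRdpCidr` parameter and the `my-key-pair` key pair name are all assumptions made for this example.

```python
"""Check a CloudFormation template (parsed into a dict) for an administrative port
(RDP/SSH) open to the whole internet and for a plaintext password set via UserData.
Added example; not part of the article."""
import re
from typing import Any, Dict, List, Optional

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}
WORLD_CIDRS = {"0.0.0.0/0", "::/0"}
# Heuristic: a "net user <name> <password>" line whose third token is not a /switch.
NET_USER_RE = re.compile(r"^\s*net\s+user\s+\S+\s+[^/\s]\S*", re.IGNORECASE | re.MULTILINE)


def flatten_text(node: Any) -> str:
    """Recover literal text beneath Fn::Base64 / Fn::Sub / Fn::Join wrappers."""
    if isinstance(node, str):
        return node
    if isinstance(node, list):
        return "".join(flatten_text(n) for n in node)
    if isinstance(node, dict):
        if "Fn::Base64" in node:
            return flatten_text(node["Fn::Base64"])
        if "Fn::Sub" in node:
            sub = node["Fn::Sub"]
            return flatten_text(sub[0] if isinstance(sub, list) else sub)
        if "Fn::Join" in node:
            delimiter, parts = node["Fn::Join"]
            return delimiter.join(flatten_text(p) for p in parts)
    return ""  # Ref / GetAtt resolve only at deploy time: no literal text to inspect


def resolve_cidr(value: Any, parameters: Dict[str, Any]) -> Optional[str]:
    """Return a CIDR string; a Ref to a parameter resolves to that parameter's Default."""
    if isinstance(value, str):
        return value
    if isinstance(value, dict) and "Ref" in value:
        default = parameters.get(value["Ref"], {}).get("Default")
        return default if isinstance(default, str) else None
    return None


def lint_template(template: Dict[str, Any]) -> List[str]:
    """Return one finding string per weakness found (empty list when clean)."""
    findings: List[str] = []
    parameters = template.get("Parameters", {})
    for name, resource in template.get("Resources", {}).items():
        props = resource.get("Properties", {})
        if resource.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                cidr = resolve_cidr(rule.get("CidrIp", rule.get("CidrIpv6")), parameters)
                if cidr not in WORLD_CIDRS:
                    continue  # source-group rules or a restricted CIDR: not world-open
                proto = str(rule.get("IpProtocol", "-1"))
                lo, hi = int(rule.get("FromPort", 0)), int(rule.get("ToPort", 65535))
                for port, service in ADMIN_PORTS.items():
                    if proto == "-1" or lo <= port <= hi:
                        findings.append(f"{name}: {service} (tcp/{port}) open to {cidr}")
        elif resource.get("Type") == "AWS::EC2::Instance":
            if NET_USER_RE.search(flatten_text(props.get("UserData"))):
                findings.append(f"{name}: plaintext password set with 'net user' in UserData")
    return findings


# Constructed: JSON form of the article's security group and instance (values simplified).
WEAK_TEMPLATE = {
    "Resources": {
        "WindowsSecurityGroup": {
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "GroupDescription": "Security group for Windows RDP",
                "SecurityGroupIngress": [
                    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "CidrIp": "0.0.0.0/0"}
                ],
            },
        },
        "WindowsInstance": {
            "Type": "AWS::EC2::Instance",
            "Properties": {
                "UserData": {"Fn::Base64": {"Fn::Sub":
                    "<powershell>\nnet user Administrator \"DemoOnlyPassword1!\"\n</powershell>\n"}}
            },
        },
    }
}

# Constructed hardened variant: the source CIDR is a parameter constrained to a valid IPv4
# CIDR (203.0.113.0/24 is a documentation range; use your own /32), and a key pair replaces
# the UserData password, so the Administrator password is retrieved through EC2 instead.
HARDENED_TEMPLATE = {
    "Parameters": {
        "AllowedRdpCidr": {
            "Type": "String",
            "Default": "203.0.113.0/24",
            "AllowedPattern": r"^(\d{1,3}\.){3}\d{1,3}/(3[0-2]|[12]?\d)$",
        }
    },
    "Resources": {
        "WindowsSecurityGroup": {
            "Type": "AWS::EC2::SecurityGroup",
            "Properties": {
                "GroupDescription": "RDP from the operator's address only",
                "SecurityGroupIngress": [
                    {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
                     "CidrIp": {"Ref": "AllowedRdpCidr"}}
                ],
            },
        },
        "WindowsInstance": {
            "Type": "AWS::EC2::Instance",
            "Properties": {"KeyName": "my-key-pair"},  # hypothetical key pair name
        },
    },
}

if __name__ == "__main__":
    for label, tpl in (("article template", WEAK_TEMPLATE), ("hardened", HARDENED_TEMPLATE)):
        print(label, "->", lint_template(tpl) or ["no findings"])
```

The parameter check matters more than it looks: a `CidrIp` written as `!Ref AllowedRdpCidr` is only as restrictive as the value the deployer supplies, so the linter follows the Ref to the parameter's `Default` and flags a default of 0.0.0.0/0 the same way it flags a literal. Rules that reference another security group rather than a CIDR are skipped, since they are not world-open by construction.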