You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@jclouds.apache.org by Coder One <co...@yahoo.com> on 2013/11/24 06:06:08 UTC

VPC/Subnet/SecurityGroup - Doc Correct?

Is the below statement accurate?  Well, what does the statement mean?  

http://jclouds.apache.org/documentation/userguide/using-ec2/


VPC
To create nodes in a subnet under Amazon VPC add the following option to your template options. Note that VPCs and Security Groups are mutually exclusive.

I hope the statement above does not mean that it is not possible to designate a VPC and a given Security Group for a given machine instance.

Per AWS doc and actual experience, a VPC, V, can have multiple subnets (S1, S2, S3), and a VPC can have multiple Security Groups (SG1, SG2, SG3, etc). 

An instance launched into S1 can choose either SG1, SG2, or SG3 as its security group.  Similarly, an instance launched into S2 can choose either SG1, SG2, or SG3.

Re: VPC/Subnet/SecurityGroup - Doc Correct?

Posted by Coder One <co...@yahoo.com>.

Fantastic...here is the code to assign a VPC subnet and a VPC security group to help other readers.

template.getOptions().as(AWSEC2TemplateOptions.class).subnetId(subnetId).securityGroupIds(securityGroupId);

And the EC2-classic approach.

template.getOptions().as(AWSEC2TemplateOptions.class).subnetId(subnetId).securityGroups(securityGroupName);

On Sunday, November 24, 2013 9:49 AM, Andrew Phillips <an...@apache.org> wrote:
> I hope the statement above does not mean that it is not possible to  
> designate a VPC and a given Security Group for a given machine  
> instance.

It means that (as per the Amazon docs, too [1]), you cannot assign a  
VPC and a security group *name* ("old-style" security groups) at the  
same time.

You *can*, however, assign a VPC and a security group *ID*  
("VPC-style" security groups).

ap

[1]  
http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-RunInstances.html, look for  
"SecurityGroup.n"

Re: VPC/Subnet/SecurityGroup - Doc Correct?

Posted by Andrew Phillips <an...@apache.org>.

> I hope the statement above does not mean that it is not possible to   
> designate a VPC and a given Security Group for a given machine   
> instance.

It means that (as per the Amazon docs, too [1]), you cannot assign a  
VPC and a security group *name* ("old-style" security groups) at the  
same time.

You *can*, however, assign a VPC and a security group *ID*  
("VPC-style" security groups).

ap

[1]  
http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-RunInstances.html, look for  
"SecurityGroup.n"