Previously I have created an EC2 instance based on an image. During the creation process the Amazon wizard created a key pair and then provided it to me so I could connect.

Now I am trying to use CloudFormation instead, so that my new server has some basic software installed (LAMP stack). But the EC2 instance I end up with has no ssh key pair that I can find.

Is there a way to associate a key pair while creating a stack on CloudFormation?

I've read that there are ways to add the key to the instance's volume by stopping the instance, creating a clone, plus some other steps. But my admin skills in this area are not that strong so I am hoping for something that is (for me) more straightforward.

Hope this makes sense - any help much appreciated!

Shannon Wagner
  • 375
  • 3
  • 5
  • 20

2 Answers2


Is there a way to associate a key pair while creating a stack on CloudFormation?

Sure, it indeed works by associating an existing key pair of yours during the process; the AWS CloudFormation Sample Templates feature respective fragments, e.g. the Simple EC2 instance example contains the fragment you are looking for:

  "Parameters" : {
    "KeyName" : {
      "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
      "Type" : "String"


  "Resources" : {
    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "KeyName" : { "Ref" : "KeyName" },
        "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
        "UserData" : { "Fn::Base64" : "80" }

This fragment enables passing the desired key pair name as a parameter, alternatively you could embed the name directly or simply provide a default one.

Good luck!

Steffen Opel
  • 5,560
  • 35
  • 55
  • Thanks much... I was choosing from the dropdown list of sample templates, and I think the template I got that way did not have the parameter for the key. Having the template URL that you linked to was a big help. That template had the key parameter I needed. – Shannon Wagner Feb 25 '12 at 01:27

AWS CloudFormation parameters can also give you a list of all key's that are available in your account & region. Just change the "Type" of the parameter to the desired AWS type. That will be "AWS::EC2::KeyPair::KeyName" in this case.

With "CloudFormation Parameter Types", the above example will be:

"Parameters" : {
  "KeyName" : {
    "Description" : "EC2 KeyPair to enable SSH access to the instance",
    "Type" : "AWS::EC2::KeyPair::KeyName"

"Resources" : {
  "Ec2Instance" : {
    "Type" : "AWS::EC2::Instance",
    "Properties" : {
      "KeyName" : { "Ref" : "KeyName" },
      "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]},
      "UserData" : { "Fn::Base64" : "80" }

I hope this helps.

See also: https://blogs.aws.amazon.com/application-management/post/Tx3DV2UYG9SC38G/Using-the-New-CloudFormation-Parameter-Types