Amazon CloudFormation: adding multiple SecurityGroupIngress rules

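I am trying to create security groups with a circular dependency. First, I created two security groups. Then I tried to add inbound rules. But I am unable to add multiple rules to the inbound rule.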

"SecurityGroup01": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {
        "GroupDescription": "SecurityGroup01",
        "VpcId": { "Ref": "VPCID" },
        "SecurityGroupEgress": [
            { "IpProtocol": "tcp", "FromPort": "1", "ToPort": "65535", "CidrIp": "0.0.0.0/0" },
            { "IpProtocol": "icmp", "FromPort": "8", "ToPort": "-1", "CidrIp": "0.0.0.0/0" }
        ],
        "Tags": [
            { "Key": "Name", "Value": "SG01" }
        ]
    }
},
"SecurityGroup02": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {
        "GroupDescription": "SecurityGroup02",
        "VpcId": {
            "Ref": "VPCID"
        },
        "SecurityGroupEgress": [
            { "IpProtocol": "tcp", "FromPort": "1", "ToPort": "65535", "CidrIp": "0.0.0.0/0" },
            { "IpProtocol": "icmp", "FromPort": "8", "ToPort": "-1", "CidrIp": "0.0.0.0/0" }
        ],
        "Tags": [
            { "Key": "Name", "Value": "SG02" }
        ]
    }
},
"SG01InboundRule": {
    "Type": "AWS::EC2::SecurityGroupIngress",
    "Properties": {
        "IpProtocol": "tcp",
        "FromPort": "3389",
        "ToPort": "3389",
        "CidrIp": { "Ref": "LocalIPAddress" },
        "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SecurityGroup02", "GroupId" ] },
        "GroupId": { "Fn::GetAtt": [ "SecurityGroup01", "GroupId" ] }
    }
}
Expected result: add multiple rules

"SG01InboundRule": {
    "Type": "AWS::EC2::SecurityGroupIngress",
    "Properties": [
        "IpProtocol": "tcp", "FromPort": "3389", "ToPort": "3389", "CidrIp": { "Ref": "LocalIPAddress" }, "GroupId": { "Fn::GetAtt": [ "SecurityGroup01", "GroupId" ] }
        "IpProtocol": "tcp", "FromPort": "4200", "ToPort": "4200", "CidrIp": { "Ref": "LocalIPAddress" }, "GroupId": { "Fn::GetAtt": [ "SecurityGroup01", "GroupId" ] }
    ]
}

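The AWS::EC2::SecurityGroupIngress resource contains only one rule, but you can create multiple AWS::EC2::SecurityGroupIngress resources and attach them to the same security group.

So you would have: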

"SG01InboundRule": {
    "Type": "AWS::EC2::SecurityGroupIngress",
    "Properties": {
        "IpProtocol": "tcp",
        "FromPort": "3389",
        "ToPort": "3389",
        "CidrIp": { "Ref": "LocalIPAddress" },
        "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SecurityGroup02", "GroupId" ] },
        "GroupId": { "Fn::GetAtt": [ "SecurityGroup01", "GroupId" ] }
    }
},
"SG02InboundRule": {
    "Type": "AWS::EC2::SecurityGroupIngress",
    "Properties": {
        "IpProtocol": "tcp",
        "FromPort": "4200",
        "ToPort": "4200",
        "CidrIp": { "Ref": "LocalIPAddress" },
        "DestinationSecurityGroupId": { "Fn::GetAtt": [ "SecurityGroup02", "GroupId" ] },
        "GroupId": { "Fn::GetAtt": [ "SecurityGroup01", "GroupId" ] }
    }
}

This saved me a lot of headaches.
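
The one-resource-per-rule approach from the answer, generalized as an added example that is not part of the original question or answer: a Python helper that expands a rule list into one AWS::EC2::SecurityGroupIngress resource per rule. The names `ingress_resources` and `sg_ref` and the `Port` key are hypothetical. The helper requires exactly one source per rule and uses SourceSecurityGroupId for group-to-group rules, so SecurityGroup01 and SecurityGroup02 can reference each other without the two group resources depending on one another.

```python
import json

# Properties that say where traffic comes from; this helper requires exactly one per rule.
SOURCE_KEYS = ("CidrIp", "CidrIpv6", "SourceSecurityGroupId", "SourcePrefixListId")


def sg_ref(logical_id):
    """Reference another security group in the same template by its GroupId."""
    return {"Fn::GetAtt": [logical_id, "GroupId"]}


def ingress_resources(group_logical_id, rules):
    """Return {logical_id: resource}, one AWS::EC2::SecurityGroupIngress per rule."""
    resources = {}
    for index, rule in enumerate(rules, start=1):
        sources = [key for key in SOURCE_KEYS if key in rule]
        if len(sources) != 1:
            raise ValueError(f"rule {index}: need exactly one source, got {sources}")
        resources[f"{group_logical_id}Ingress{index}"] = {
            "Type": "AWS::EC2::SecurityGroupIngress",
            "Properties": {
                "GroupId": sg_ref(group_logical_id),
                "IpProtocol": rule.get("IpProtocol", "tcp"),
                "FromPort": rule["Port"],
                "ToPort": rule["Port"],
                sources[0]: rule[sources[0]],
            },
        }
    return resources


# Constructed sample: the two ports from the question, plus a pair of rules in
# which each group admits the other (the mutual reference the question is after).
SAMPLE = {}
SAMPLE.update(ingress_resources("SecurityGroup01", [
    {"Port": 3389, "CidrIp": {"Ref": "LocalIPAddress"}},
    {"Port": 4200, "CidrIp": {"Ref": "LocalIPAddress"}},
    {"Port": 4200, "SourceSecurityGroupId": sg_ref("SecurityGroup02")},
]))
SAMPLE.update(ingress_resources("SecurityGroup02", [
    {"Port": 4200, "SourceSecurityGroupId": sg_ref("SecurityGroup01")},
]))

if __name__ == "__main__":
    # Paste the output into the template's "Resources" section.
    print(json.dumps(SAMPLE, indent=4))
```
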