Amazon web services Cloudformation:创建引用其他安全组的aws安全组
我想创建一个rds安全组,允许从另一个安全组进行所有访问。我知道,通过选择Amazon web services Cloudformation:创建引用其他安全组的aws安全组,amazon-web-services,amazon-cloudformation,aws-security-group,Amazon Web Services,Amazon Cloudformation,Aws Security Group,我想创建一个rds安全组,允许从另一个安全组进行所有访问。我知道,通过选择custom作为源类型,然后输入安全组id代替ip地址范围,可以在web ui领事中实现这一点。下面是我目前尝试使用的示例: "SgRds2Ec2SecurityGroup": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "rds access from corp", "VpcId": {
custom
作为源类型,然后输入安全组id代替ip地址范围,可以在web ui领事中实现这一点。下面是我目前尝试使用的示例:
"SgRds2Ec2SecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "rds access from corp",
"VpcId": {
"Ref": "VpcId"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "0",
"ToPort": "65535",
"SecurityGroupID": {
"Ref": "SgRdsEc2SecurityGroup"
}
}
]
}
}
这给了我一个错误:
2018-01-22 18:48:47 UTC SgRds2Ec2SecurityGroup CREATE_FAILED Encountered unsupported property SecurityGroupID
我应该用什么来代替SecurityGroupID
?根据您要查找的SourceSecurityGroupId
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "0",
"ToPort": "65535",
"SourceSecurityGroupId": {
"Ref": "SgRdsEc2SecurityGroup"
}
}
]
根据您正在查找的SourceSecurityGroupId
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"FromPort": "0",
"ToPort": "65535",
"SourceSecurityGroupId": {
"Ref": "SgRdsEc2SecurityGroup"
}
}
]