Amazon Web Services: How do I create an AWS security group rule that allows the RDP port from anywhere using Terraform?
I need to create an AWS security group rule resource, aws_security_group_rule, attach it to an AWS EC2 Windows instance, and be able to RDP into it from anywhere. sg.tf
You can use the following, where 3389 is the default RDP port:
resource "aws_security_group" "My_VPC_Security_Group" {
  vpc_id      = aws_vpc.My_VPC.id
  name        = "My VPC Security Group"
  description = "My VPC Security Group"

  # Inbound RDP (TCP 3389) from any IPv4 address
  ingress {
    from_port   = 3389
    to_port     = 3389
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # All outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
The code below worked for me; it creates the security group rules using aws_security_group_rule, as I needed:
resource "aws_security_group" "My_VPC_Security_Group" {
  vpc_id      = aws_vpc.My_VPC.id
  name        = "My VPC Security Group"
  description = "My VPC Security Group"
}

# Inbound RDP (TCP 3389) from any IPv4 address, attached as a separate rule resource
resource "aws_security_group_rule" "ingress_rule" {
  type              = "ingress"
  from_port         = 3389
  to_port           = 3389
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.My_VPC_Security_Group.id
}

# All outbound traffic
resource "aws_security_group_rule" "egress_rule" {
  type              = "egress"
  from_port         = 0
  to_port           = 0
  protocol          = "-1"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.My_VPC_Security_Group.id
}
But this is a bad idea.
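An added example (not from the original question or answers) of the same aws_security_group_rule restricted to known source ranges instead of 0.0.0.0/0, with a variable validation that fails the plan if a wide-open range is supplied. The names rdp_allowed_cidrs and rdp_restricted, the /16 minimum prefix length and the 203.0.113.0/24 sample range are assumptions made for illustration.

```hcl
# Added example; variable and resource names are hypothetical.
# Sample value (constructed, documentation range), e.g. in terraform.tfvars:
#   rdp_allowed_cidrs = ["203.0.113.0/24"]
variable "rdp_allowed_cidrs" {
  description = "IPv4 source ranges allowed to reach RDP, such as an office or VPN egress range."
  type        = list(string)

  validation {
    # Require at least one entry, and require every entry to be a valid CIDR
    # block with a prefix of /16 or longer. The /16 floor is an assumed policy
    # value; it rejects 0.0.0.0/0 as well as split ranges such as 0.0.0.0/1.
    condition = length(var.rdp_allowed_cidrs) > 0 && alltrue([
      for c in var.rdp_allowed_cidrs :
      can(cidrhost(c, 0)) && try(tonumber(split("/", c)[1]) >= 16, false)
    ])
    error_message = "Each entry in rdp_allowed_cidrs must be a valid CIDR block of /16 or longer; 0.0.0.0/0 is not allowed."
  }
}

# Replaces the ingress_rule above: same port and protocol, narrower source.
resource "aws_security_group_rule" "rdp_restricted" {
  type              = "ingress"
  description       = "RDP from approved source ranges only"
  from_port         = 3389
  to_port           = 3389
  protocol          = "tcp"
  cidr_blocks       = var.rdp_allowed_cidrs
  security_group_id = aws_security_group.My_VPC_Security_Group.id
}
```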