Amazon Web Services: how do I create an AWS security group rule that allows the RDP port from anywhere, using Terraform?

Tags: amazon-web-services, terraform, terraform-provider-aws

I need to create an AWS security group rule resource (aws_security_group_rule), attach it to an AWS EC2 Windows instance, and be able to RDP into it from anywhere.

sg.tf


You can use the following, where 3389 is the default RDP port:


resource "aws_security_group" "My_VPC_Security_Group" {
  vpc_id      = aws_vpc.My_VPC.id
  name        = "My VPC Security Group"
  description = "My VPC Security Group"

  # Inbound RDP (3389/tcp) from any IPv4 address
  ingress {
    from_port   = 3389
    to_port     = 3389
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # All outbound traffic, any protocol, to any IPv4 address
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

The following code works for me; it creates the security group rules with aws_security_group_rule, as I needed:

resource "aws_security_group" "My_VPC_Security_Group" {
  vpc_id       = aws_vpc.My_VPC.id
  name         = "My VPC Security Group"
  description  = "My VPC Security Group"
}

resource "aws_security_group_rule" "ingress_rule" {
  type              = "ingress"
  from_port         = 3389
  to_port           = 3389
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.My_VPC_Security_Group.id
}

resource "aws_security_group_rule" "egress_rule" {
  type              = "egress"
  from_port         = 0
  to_port           = 0
  protocol          = "-1"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.My_VPC_Security_Group.id
}

But this is a bad idea.
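The same security group with the ingress restricted to an explicit allow-list instead of 0.0.0.0/0. This is an added example, not code from the question or either answer. It keeps the page's aws_vpc.My_VPC reference; the variable name allowed_rdp_cidrs, the "rdp" resource names and the 203.0.113.0/24 sample range are assumptions made here for illustration. The validation blocks make `terraform plan` fail if anyone tries to pass the any-address CIDR, so the open-to-the-world rule cannot be reintroduced by a variable change alone.

```hcl
# Added example (not from the original page): RDP allowed only from
# approved admin ranges, enforced at plan time by variable validation.

variable "allowed_rdp_cidrs" {
  type        = set(string)
  description = "CIDR ranges permitted to reach 3389/tcp (e.g. office egress IPs, a VPN range)"
  # Sample value is constructed for this example (documentation range RFC 5737).
  default     = ["203.0.113.0/24"]

  validation {
    condition     = alltrue([for c in var.allowed_rdp_cidrs : !contains(["0.0.0.0/0", "::/0"], c)])
    error_message = "RDP must not be exposed to 0.0.0.0/0 or ::/0; list specific admin ranges."
  }

  validation {
    condition     = alltrue([for c in var.allowed_rdp_cidrs : can(cidrhost(c, 0))])
    error_message = "Every entry in allowed_rdp_cidrs must be a valid CIDR prefix."
  }
}

resource "aws_security_group" "rdp" {
  vpc_id      = aws_vpc.My_VPC.id   # same VPC reference as on the page
  name        = "rdp-from-allowed-ranges"
  description = "RDP 3389/tcp from approved admin ranges only"
}

# One ingress rule per allowed range, so each rule carries its own
# description and can be added or removed without touching the others.
resource "aws_security_group_rule" "rdp_ingress" {
  for_each          = var.allowed_rdp_cidrs
  type              = "ingress"
  from_port         = 3389
  to_port           = 3389
  protocol          = "tcp"
  cidr_blocks       = [each.value]
  description       = "RDP from ${each.value}"
  security_group_id = aws_security_group.rdp.id
}

# Egress left as on the page (all outbound); tighten separately if the
# instance only needs, for example, HTTPS to Windows Update and AWS endpoints.
resource "aws_security_group_rule" "rdp_egress" {
  type              = "egress"
  from_port         = 0
  to_port           = 0
  protocol          = "-1"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.rdp.id
}
```

Running `terraform plan -var='allowed_rdp_cidrs=["0.0.0.0/0"]'` stops with the first error_message before any API call is made, while `terraform plan -var='allowed_rdp_cidrs=["203.0.113.10/32","198.51.100.0/24"]'` produces two ingress rules. A `/32` for a single admin host is the usual choice when the source address is static.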