Amazon Web Services: CIDR block 'sg-1234' throws a malformed error in boto3


security_group_id = response['GroupId']  # this comes from the response

sg = security_group_id + '/32'  # -> IPv4

result = ec2.authorize_security_group_egress(GroupId=security_group_id,IpPermissions=[
        {
        'IpProtocol': 'tcp','FromPort': 3306,'ToPort': 123,'IpRanges': [{'CidrIp':sg,'Description': 'Testing sg attach.'}]
        }])
Error message:

An error occurred (InvalidParameterValue) when calling the AuthorizeSecurityGroupEgress operation: CIDR block sg-a932b3c1/32 is malformed


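You must specify a valid CIDR IP range. sg-a932b3c1/32 is not a valid CIDR.

CidrIp (string) -- The CIDR IPv4 address range. We recommend that you specify the CIDR range in a set of IP permissions instead.

Are you confusing it with: SourceSecurityGroupName

SourceSecurityGroupName (string) -- The name of a destination security group. To authorize outbound access to a destination security group, we recommend that you use a set of IP permissions instead.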



Changed it to 0.0.0.0/0 and then added the sg in the IP permissions. It worked. Thanks

import time

import boto3
from botocore.exceptions import ClientError

ec2_client = boto3.client('ec2')


def create_my_group():
    try:
        # Get the VPC ID (takes the first VPC returned, assumed to be the default)

        response = ec2_client.describe_vpcs()
        vpc_id = response.get('Vpcs', [{}])[0].get('VpcId', '')
        print("VPC-Id: ", vpc_id)

        # Create a group with access only through SSH

        security_con1 = ec2_client.create_security_group(GroupName='SSH_Access', VpcId=vpc_id,
            Description="This will allow only SSH access to EC2.")
        security_group_id1 = security_con1['GroupId']

        print("Created security group for EC2 Webserver.")
        print("Now, attaching rules to this group......")
        time.sleep(2)

        # Allow inbound SSH (22) and HTTPS (443) from anywhere

        rule = ec2_client.authorize_security_group_ingress(GroupId=security_group_id1, IpPermissions=[
            {'IpProtocol': 'tcp', 'FromPort': 22, 'ToPort': 22, 'IpRanges': [{'CidrIp': '0.0.0.0/0'}]},
            {'IpProtocol': 'tcp', 'FromPort': 443, 'ToPort': 443, 'IpRanges': [{'CidrIp': '0.0.0.0/0'}]}
            ]
        )

        print("Finished setting up EC2 security group.")
        time.sleep(2)

        # Create a group with access only through authorized group

        security_con2 = ec2_client.create_security_group(GroupName='DB_Access', VpcId=vpc_id,
            Description="This will allow only SSH access to DB.")
        security_group_id2 = security_con2['GroupId']

        print("Created security group for DB-Webserver.")
        print("Now, attaching rules to this group......")
        time.sleep(2)

        # Create access rule to access DB_Access from members of the SSH_Access group only.
        # The source group is referenced through UserIdGroupPairs, not through CidrIp.

        rule2 = ec2_client.authorize_security_group_ingress(GroupId=security_group_id2,
            IpPermissions=[
                {
                'IpProtocol': 'tcp', 'IpRanges': [], 'FromPort': 3306, 'ToPort': 3306,
                "UserIdGroupPairs": [{"GroupId": security_group_id1}]
                }
            ]
        )
        print("Finished setting up DB security group.")

    except ClientError as e:
        print(e)
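
As an added example (not code from the question or from either answer), the helper below builds one IpPermissions entry and decides whether the target belongs in UserIdGroupPairs or in a CIDR range, so a value such as sg-a932b3c1/32 is rejected before the API call. The names build_permission and SG_ID are hypothetical and the security group ID pattern is an assumption; IPv6 handling goes beyond what the thread covers.

```python
import ipaddress
import re

# Assumption: security group IDs are "sg-" plus 8 or 17 lowercase hex digits.
SG_ID = re.compile(r"sg-(?:[0-9a-f]{8}|[0-9a-f]{17})")


def build_permission(protocol, from_port, to_port, target, description=""):
    """Build one IpPermissions entry (hypothetical helper, TCP/UDP rules only).

    `target` is either a security group ID or an IPv4/IPv6 CIDR block.
    """
    if not 0 <= from_port <= to_port <= 65535:
        raise ValueError(f"invalid port range {from_port}-{to_port}")
    perm = {"IpProtocol": protocol, "FromPort": from_port, "ToPort": to_port}
    extra = {"Description": description} if description else {}

    if SG_ID.fullmatch(target):
        # A group reference belongs in UserIdGroupPairs, never in CidrIp.
        perm["UserIdGroupPairs"] = [{"GroupId": target, **extra}]
        return perm

    try:
        # strict=False tolerates host bits; str(net) is the canonical block.
        net = ipaddress.ip_network(target, strict=False)
    except ValueError as exc:
        raise ValueError(
            f"{target!r} is neither a security group ID nor a CIDR block"
        ) from exc

    if net.version == 4:
        perm["IpRanges"] = [{"CidrIp": str(net), **extra}]
    else:
        perm["Ipv6Ranges"] = [{"CidrIpv6": str(net), **extra}]
    return perm


# Usage with boto3 (not executed here):
# ec2.authorize_security_group_egress(
#     GroupId=group_id,
#     IpPermissions=[build_permission("tcp", 3306, 3306, "sg-a932b3c1")],
# )
```
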