Json AWS安全组创建节点
我有一个在AWS中创建安全组的脚本,它为入口(入站)和出口(出站)流量创建规则,我的脚本现在看起来像这样:Json AWS安全组创建节点,json,node.js,amazon-web-services,Json,Node.js,Amazon Web Services,我有一个在AWS中创建安全组的脚本,它为入口(入站)和出口(出站)流量创建规则,我的脚本现在看起来像这样: #!/usr/bin/env node /* This is a script to generate security groups and apply them to instances in a VPC. Attached to this script is a json file which has the security group parameters in it. Run
#!/usr/bin/env node
/*
This is a script to generate security groups and apply them to instances in a VPC.
Attached to this script is a json file which has the security group parameters in it.
Run this script by executing:
node AWS_Security_Groups.js
*/
'use strict';
process.env.AWS_PROFILE
var PropertiesReader = require('properties-reader');
var AWS = require('aws-sdk')
var properties = PropertiesReader('/Users/testuser/.aws/credentials');
AWS.config.update({
accessKeyId : properties.get('aws_access_key_id'),
secretAccessKey : properties.get('aws_secret_access_key'),
region : 'us-east-1'
})
var ec2 = new AWS.EC2({apiVersion: '2016-11-15'});
// Load credentials and set region from JSON file
//AWS.config.loadFromPath('/Users/testuser/.aws/credentials');
// Load in security group parameters
let securityParams = require('./securityParams.json');
module.exports = {
//Exports creation of Security Groups
createSecurityGroup: (req, res) => {
ec2.createSecurityGroup(securityParams, function(err, data) {
if (err) {
return (console.log("Error", err));
}
// Pass the Json as a parameter in this function
ec2.authorizeSecurityGroupIngress(securityParams, function(err, data) {
if (err) {
res.serverError(err, err.stack);
} else {
res.ok(data);
console.log('Ingress Security Rules Created');
}
})
// Pass the Json as a parameter in this function
ec2.authorizeSecurityGroupEgress(securityParams, function(err, data) {
if (err) {
res.serverError(err, err.stack);
} else {
res.ok(data);
console.log('Egress Security Rules Created');
}
})
})
}
}
module.exports.createSecurityGroup();
我的Json文件如下所示:
{
"SecurityGroups": [
{
"IpPermissionsEgress": [],
"Description": "My security group",
"IpPermissions": [
{
"PrefixListIds": [],
"FromPort": 22,
"IpRanges": [
{
"CidrIp": "203.0.113.0/24"
}
],
"ToPort": 22,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
}
],
"GroupName": "MySecurityGroup",
"OwnerId": "123456789012",
"GroupId": "sg-903004f8",
}
{
"IpPermissionsEgress": [],
"Description": "My security group2",
"IpPermissions": [
{
"PrefixListIds": [],
"FromPort": 22,
"IpRanges": [
{
"CidrIp": "203.0.113.0/24"
}
],
"ToPort": 22,
"IpProtocol": "tcp",
"UserIdGroupPairs": []
}
],
"GroupName": "MySecurityGroup2",
"OwnerId": "123456789012",
"GroupId": "sg-903004f28",
}]
}
但是,我无法使脚本正确执行。我一直在JSON文件中看到一个错误,即未读字符“/”。有人知道我错过了什么吗?此外,我希望能够更新脚本以在安全组中读取,如果该组已经存在,请不要尝试创建它
因此,这个JSON似乎在某种程度上起作用:它不创建任何规则,只创建安全组:
[
{
"IpProtocol": "string",
"FromPort": integer,
"ToPort": integer,
"UserIdGroupPairs": [
{
"UserId": "string",
"GroupName": "string",
"GroupId": "string",
"VpcId": "string",
"VpcPeeringConnectionId": "string",
"PeeringStatus": "string"
}
...
],
"IpRanges": [
{
"CidrIp": "string"
}
...
],
"Ipv6Ranges": [
{
"CidrIpv6": "string"
}
...
],
"PrefixListIds": [
{
"PrefixListId": "string"
}
...
]
}
...
]
我必须用参数更新脚本:
securityParams[0].UserIdGroupPairs[0]
哪个函数产生错误?也许你必须在iparray中避开/
,我尝试过删除它,但没有什么不同。create函数出错。我认为它没有正确读取JSON的任何部分。我需要添加安全参数[0
]还是什么?或者在其他函数中指定securityParams[0].IpPermissionsEgress[0]
?根据它看起来还可以:/这真的很奇怪。是的,这就是我得到它的原因,但我想知道描述函数和创建函数在所需参数方面是否有所不同?另外,可能是脚本没有正确地读入它?您知道我如何至少在if语句中按名称检查组的存在,如果是这样的话,只需控制台记录并跳过?