堆栈内存溢出
  简体   繁体   English

同一安全组的CidrIp json模板

[英]CidrIp json template for same security group

 原文  2013-12-20 16:50:12       json/ amazon-web-services/ amazon-cloudformation

问题描述

I have a security group in my cloudformation template: 我的cloudformation模板中有一个安全组: 

"MySecurityGroup": {
   "Type": "AWS::EC2::SecurityGroup",
        "Properties": {
            "GroupDescription": "Security Group",
            "SecurityGroupIngress": [
                {
                    "IpProtocol": "tcp",
                    "FromPort": "22",
                    "ToPort": "22",
                    "CidrIp": "0.0.0.0/0"
                }
             ]
         }
 }

I would like to change 0.0.0.0/0 to the security group ID dynamically. 我想将0.0.0.0/0动态更改为安全组ID。 How do I do that? 我怎么做?

2 个解决方案

解决方案1
 1 已采纳  2014-03-25 06:45:24

I had almost precisely what Sanket suggested. 我几乎完全了解了Sanket的建议。 But it fails with this error: 但是它失败并显示以下错误: 

Invalid id: "Semarchy-AppServerSecurityGroup-1AESXGUBKH5N4" (expecting "sg-...")

Instead, this alternative is what I needed: 相反,这是我需要的替代方法: 

"InstanceSecurityGroup" : {
   "Type" : "AWS::EC2::SecurityGroup",
   "Properties" : {
      "GroupDescription" : "Security group for Semarchy MDM Instance",
      "VpcId" : { "Ref" : "VpcId" },
      "SecurityGroupIngress" : [ {
        "IpProtocol" : "tcp", 
        "FromPort" :   "1521", 
        "ToPort" :     "1521", 
        "SourceSecurityGroupId" : { "Fn::GetAtt" : [ "AppServerSecurityGroup", "GroupId" ] } 
      } ]
   }
}

解决方案2
 0  2014-01-17 06:34:41

You can use something like mentioned below : 您可以使用如下所述的内容: 

"InstanceSecurityGroup" : {
   "Type" : "AWS::EC2::SecurityGroup",
   "Properties" : {
      "GroupDescription" : "Enable HTTP access on the configured port",
      "VpcId" : { "Ref" : "VpcId" },
      "SecurityGroupIngress" : [ {
         "IpProtocol" : "tcp",
         "FromPort" : { "Ref" : "WebServerPort" },
         "ToPort" : { "Ref" : "WebServerPort" },
         "SourceSecurityGroupId" : { "Ref" : "LoadBalancerSecurityGroup" }
      } ]
   }
}

where SourceSecurityGroupID is reference to already provisioned security group(here LoadBalancerSecurityGroup). 其中SourceSecurityGroupID引用已配置的安全组(此处为LoadBalancerSecurityGroup)。 To make sure your reference security group (LoadBalancerSecurityGroup) is generated before this security group(InstanceSecurityGroup), use "DependsOn". 要确保在此安全组(InstanceSecurityGroup)之前生成了参考安全组(LoadBalancerSecurityGroup),请使用“ DependsOn”。

Thanks 谢谢

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 具有VPC,子网和安全组选择的EC2的CloudFormation模板(JSON) - CloudFormation Template (JSON) for EC2 with VPC, Subnet & Security Group Choices 具有 50 个 CIDR IP(入口)的安全组的 Cloudformation 模板 (JSON) - Cloudformation template(JSON) for security group with 50 CIDR IPs (Ingress) 允许同一安全组中的每个实例在Cloud Formation JSON之间相互共享任何数据? - Allow every instance in the same Security Group to share any data between each other at Cloud Formation JSON? PHP JSON组按相同的值 - PHP JSON Group by the same value PHP JSON数组 - 按相同的值分组 - PHP JSON Array - Group by the same value Python Json 数据 同姓分组 - Python Json data Group it by same last name 使用相同键对数组元素进行分组 JSON JavaScript - group elements of array with same key JSON JavaScript PHP JSON Array - 如何按相同的值修改 json 代码组 - PHP JSON Array - how to modify a json code Group by the same value 如何在Silverstripe 3模板中按日期对外部API json数据进行分组? - How to group external API json data by date in silverstripe 3 template? JSON安全 - JSON Security
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM