Getting 'Property IpProtocol cannot be empty' error while creating security group using CloudFormation

I am creating a basic security group using CloudFormation on AWS but I am getting a 'Property IpProtocol cannot be empty' error. Following is the yml code I am running:

Resources:
  testsecuritygroup:
    Type: AWS::EC2::SecurityGroup
    Properties: 
      GroupName: test-group
      GroupDescription: test security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
        - SourceSecurityGroupId: sg-xxxxxxxxxx
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0
      Tags:
        - Key: group
          Value: test
      VpcId: !ImportValue VPC

When I run the create-stack command it runs successfully, but the stack is rolled back with CREATE_FAILED status and a 'Property IpProtocol cannot be empty' error. What am I doing wrong here?

Your CIDR is not valid. It should be 0.0.0.0/0.

I resolved this issue. To add a security group we have to create an Ingress rule and attach it to the security group instead of defining it in the security group.

Resources:
  test:
    Type: AWS::EC2::SecurityGroup
    Properties: 
      VpcId: !ImportValue VPC
      GroupName: test-group
      GroupDescription: test security group
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: group
          Value: test
  TestInboundRule:
    Type: AWS::EC2::SecurityGroupIngress
    Properties: 
      GroupId: !GetAtt test.GroupId
      IpProtocol: tcp
      FromPort: 80
      ToPort: 80
      SourceSecurityGroupId: sg-xxxxxxxxx 
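
As an added example (not part of the original question or answers): a pre-deployment check in Python over the question's inline rules, written as the dict a YAML parser would produce. It flags a rule with no IpProtocol, which is what the separate `- SourceSecurityGroupId` list item becomes, and a CidrIp with no prefix length, as the first answer points out. The name `check_rules` and the sample dict are constructed for illustration.

```python
import ipaddress

# Constructed sample: the question's inline rules as a parsed dict.
# "- SourceSecurityGroupId" starts a second list item, so it is a separate
# rule that carries no IpProtocol of its own.
QUESTION_PROPS = {
    "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80},
        {"SourceSecurityGroupId": "sg-xxxxxxxxxx"},
    ],
    "SecurityGroupEgress": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0"},
    ],
}


def check_rules(props):
    """Return (property, rule index, problem) tuples for inline SG rules."""
    findings = []
    for key in ("SecurityGroupIngress", "SecurityGroupEgress"):
        for i, rule in enumerate(props.get(key, [])):
            # Every list item is validated as a rule of its own.
            if not str(rule.get("IpProtocol", "")).strip():
                findings.append((key, i, "IpProtocol missing"))
            cidr = rule.get("CidrIp")
            if isinstance(cidr, str):  # skip intrinsic functions such as !Ref
                if "/" not in cidr:
                    # ipaddress would read a bare address as /32, so test this first.
                    findings.append((key, i, "CidrIp has no prefix length"))
                else:
                    try:
                        ipaddress.ip_network(cidr, strict=False)
                    except ValueError:
                        findings.append((key, i, "CidrIp is not a valid CIDR"))
    return findings


if __name__ == "__main__":
    for finding in check_rules(QUESTION_PROPS):
        print(finding)
```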
