[英]How to attach a security group to aws instance in terraform
I am trying explore terraform to create automate infra in AWS.我正在尝试探索 terraform 在 AWS 中创建自动化基础设施。 I am not clear on how to attach a security group to aws instance in terraform.
我不清楚如何将安全组附加到 terraform 中的 aws 实例。
For example, Is there any property to specify the security groups like here below例如,是否有任何属性可以指定安全组,如下所示
resource "aws_instance" "web" {
ami = "ami-a1b2c3d4"
instance_type = "t2.micro"
}
Use the argument vpc_security_group_ids
.使用参数
vpc_security_group_ids
。 This argument accepts a list of N security group IDs此参数接受 N 个安全组 ID 的列表
resource "aws_instance" "web" {
ami = "ami-a1b2c3d4"
instance_type = "t2.micro"
}
resource "aws_security_group" "sec_group" {
name = "sec_group"
vpc_id = "vpc-3324nnrvdl"
}
resource "aws_network_interface_sg_attachment" "sg_attachment" {
security_group_id = "${data.aws_security_group.sec_group.id}"
network_interface_id = "${aws_instance.web.primary_network_interface_id}"
}
This way you will be able to attach a SG to EC2 instance and both will be in decouple state.这样,您将能够将 SG 附加到 EC2 实例,并且两者都将解耦 state。
Leveraging from Ay0's answer: you can include vpc_security_group_ids
rule like:利用 Ay0 的回答:您可以包含
vpc_security_group_ids
规则,例如:
resource "aws_security_group" "basic_security" {
ingress {...}
egress {...}
}
resource "aws_instance" "web" {
ami = "ami-a1b2c3d4"
instance_type = "t2.nano"
vpc_security_group_ids = [aws_security_group.basic_security.id]
}
You can include aws_security_group like:您可以包括aws_security_group ,例如:
resource "aws_security_group" "sg" {
name = "sg"
description = "Web Security Group for HTTP"
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.