[英]Adding Multiple Existing Security Groups to EC2 using AWS-CDK (python)
Trying to add multiple existing security groups to a new ec2.尝试将多个现有安全组添加到新的 ec2。 It does not seem to work.它似乎不起作用。 If it is one group in the globalsg it works.如果它是 globalsg 中的一组,则它有效。
globalsg ={
(ec2.SecurityGroup.from_security_group_id(self, "sg01", security_group_id = "sg-xb9b")),
(ec2.SecurityGroup.from_security_group_id(self, "sg02", security_group_id = "sg-x211"))
}
#Webserver 01
web01 = ec2.Instance(
self,
"web01Id",
instance_type = ec2.InstanceType(instance_type_identifier=variables["inst_type"]),
instance_name = "A.APP.PR01",
machine_image = ec2.MachineImage.generic_linux(
{variables["region"]: linux_ami}
),
vpc=vpc,
vpc_subnets = vpc_priv_use1a,
user_data = ec2.UserData.custom(user_data),
security_group= [globalsg]
)
Here is the error that I get这是我得到的错误
jsii.errors.JSIIError: Expected object reference, got [[{"$jsii.byref":"@aws-cdk/core.Resource@10052"}]] jsii.errors.JSIIError:预期的对象引用,得到 [[{"$jsii.byref":"@aws-cdk/core.Resource@10052"}]]
Define globalsg as a list, get rid of the dict brackets and don't wrap it in a list when you reference it.将 globalsg 定义为列表,去掉 dict 括号,并且在引用时不要将其包装在列表中。 Something like this:像这样的东西:
globalsg = [
...
]
...
security_group=globalsg[0]
)
web01.add_security_group(globalsg[1])
The instance takes a single security group in the constructor.该实例在构造函数中采用单个安全组。 Then you can call add_security_group to add more.然后你可以调用 add_security_group 来添加更多。
https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/Instance.html#aws_cdk.aws_ec2.Instance.add_security_group https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/Instance.html#aws_cdk.aws_ec2.Instance.add_security_group
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.