Add a Security Group to the Inbound Rule of another Security Group as a Source with Terraform (AWS)
I couldn't add the security group "sg0" to the inbound rule of another security group "sg1" as a source with Terraform. (I use Terraform v0.15.4)
This is the code I tried:
resource "aws_security_group" "sg0" {
  ..........
}
resource "aws_security_group" "sg1" {
  ..........
  ingress {
    from_port       = 5432
    to_port         = 5432
    security_groups = [aws_security_group.sg0]
    protocol        = "tcp"
  }
  ..........
}
But I got the error below:
Error: Incorrect attribute value type
│
│ on main.tf line 235, in resource "aws_security_group" "sg1":
│ 235: security_groups = [aws_security_group.sg0]
│ ├────────────────
│ │ aws_security_group.sg0 is object with 13 attributes
│
│ Inappropriate value for attribute "security_groups": element 0: string required.
I want to get the same result as the one below, which I did manually without Terraform. How can I do this?
You need to add the security group id of "sg0" to the inbound rule of "sg1" as a source. So you need to add only .id after aws_security_group.sg0 like below.
resource "aws_security_group" "sg0" {
  ..........
}
resource "aws_security_group" "sg1" {
  ..........
  ingress {
    from_port       = 5432
    to_port         = 5432
    security_groups = [aws_security_group.sg0.id] # Add .id here!!
    protocol        = "tcp"
  }
  ..........
}
Update your security group sg1 configuration with either of the changes below:
resource "aws_security_group" "sg0" {
  ..........
}
resource "aws_security_group" "sg1" {
  ..........
  ingress {
    from_port       = 5432
    to_port         = 5432
    # Inline ingress blocks take source groups as a list of IDs in security_groups
    security_groups = [aws_security_group.sg0.id]
    protocol        = "tcp"
  }
  ..........
}
[OR]
resource "aws_security_group" "sg0" {
  ..........
}
resource "aws_security_group" "sg1" {
  ..........
}
# Standalone rule attached to sg1 ("sg1_from_sg0" is a placeholder name)
resource "aws_security_group_rule" "sg1_from_sg0" {
  type                     = "ingress"
  from_port                = 5432
  to_port                  = 5432
  source_security_group_id = aws_security_group.sg0.id
  security_group_id        = aws_security_group.sg1.id
  protocol                 = "tcp"
}
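Added example, not part of the answers above or of any project's code: the same object-versus-string mismatch appears when there are several source groups, and this sketch goes beyond the single-group case on the page by projecting a `for_each` map of groups down to their IDs. The names `var.vpc_id`, `clients`, `db` and the group keys are assumptions.

```hcl
# Assumed input: the VPC both groups live in.
variable "vpc_id" {
  type = string
}

# Several client groups created from one resource block.
# With for_each, aws_security_group.clients is a map of objects,
# keyed by "api" and "worker" (constructed sample keys).
resource "aws_security_group" "clients" {
  for_each = toset(["api", "worker"])

  name   = "client-${each.key}"
  vpc_id = var.vpc_id
}

resource "aws_security_group" "db" {
  name   = "db"
  vpc_id = var.vpc_id

  ingress {
    description = "PostgreSQL from client groups only"
    from_port   = 5432
    to_port     = 5432
    protocol    = "tcp"

    # security_groups expects strings. Passing aws_security_group.clients
    # or its elements directly reproduces "string required", so project
    # each object down to its id attribute.
    security_groups = [for sg in aws_security_group.clients : sg.id]
  }
}

# Lets you confirm which group IDs ended up as sources after apply.
output "db_ingress_source_groups" {
  value = [for sg in aws_security_group.clients : sg.id]
}
```

Because the rule lists only security group IDs and no `cidr_blocks`, port 5432 is reachable only from network interfaces that are members of those groups.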
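Disclaimer: The technical posts on this site follow the CC BY-SA 4.0 license. If you need to reproduce them, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.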