
Add a Security Group to the Inbound Rule of another Security Group as a Source with Terraform (AWS)

I couldn't add the security group "sg0" to the inbound rule of another security group "sg1" as a source with Terraform. (I use Terraform v0.15.4)

This is the code I tried:

resource "aws_security_group" "sg0" {
    ..........
}

resource "aws_security_group" "sg1" {
    ..........

    ingress {
      from_port        = 5432
      to_port          = 5432
      security_groups  = [aws_security_group.sg0]
      protocol         = "tcp"
    }
    ..........
}

But I got the error below:

Error: Incorrect attribute value type
│ 
│   on main.tf line 235, in resource "aws_security_group" "sg1":
│  235:       security_groups  = [aws_security_group.sg0]
│     ├────────────────
│     │ aws_security_group.sg0 is object with 13 attributes
│ 
│ Inappropriate value for attribute "security_groups": element 0: string required.

I want to get the same result as the below which I did manually without Terraform. How can I do this?


You need to add the security group id of "sg0" to the inbound rule of "sg1" as a source. So you need to add only .id after aws_security_group.sg0 like below.

resource "aws_security_group" "sg0" {
    ..........
}

resource "aws_security_group" "sg1" {
    ..........

    ingress {
      from_port        = 5432
      to_port          = 5432
      security_groups  = [aws_security_group.sg0.id] # Add .id here!!
      protocol         = "tcp"
    }
    ..........
}

Update your security group sg1 configuration with either of the changes below:

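resource "aws_security_group" "sg0" {
    ..........
}

resource "aws_security_group" "sg1" {
    ..........

    ingress {
      from_port       = 5432
      to_port         = 5432
      # Inline ingress blocks take a list of group IDs in security_groups;
      # source_security_group_id only exists on aws_security_group_rule.
      security_groups = [aws_security_group.sg0.id]
      protocol        = "tcp"
    }
    ..........
}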

[OR]

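resource "aws_security_group" "sg0" {
    ..........
}

# type, source_security_group_id and security_group_id are arguments of the
# standalone aws_security_group_rule resource, which attaches the rule to the
# existing aws_security_group.sg1.
resource "aws_security_group_rule" "sg1" {
    ..........
      type                     = "ingress"
      from_port                = 5432
      to_port                  = 5432
      source_security_group_id = aws_security_group.sg0.id
      security_group_id        = aws_security_group.sg1.id
      protocol                 = "tcp"
    ..........
}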
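
Added example, not part of the original question or answers: a complete configuration that uses standalone `aws_security_group_rule` resources so that sg0 and sg1 can reference each other without a dependency cycle, and so that PostgreSQL access is scoped to group membership rather than a CIDR range. The variable `vpc_id`, the rule names and the descriptions are assumptions made for the example.

```hcl
# Assumption: an existing VPC whose ID is passed in.
variable "vpc_id" {
  type        = string
  description = "ID of an existing VPC (assumed for this example)"
}

# sg0: attached to the clients (for example, application instances).
resource "aws_security_group" "sg0" {
  name        = "sg0"
  description = "Clients allowed to reach the database"
  vpc_id      = var.vpc_id
}

# sg1: attached to the PostgreSQL hosts. No inline ingress/egress blocks here:
# inline rules and aws_security_group_rule should not be mixed on one group.
resource "aws_security_group" "sg1" {
  name        = "sg1"
  description = "PostgreSQL hosts"
  vpc_id      = var.vpc_id
}

# Ingress on sg1: TCP 5432 only from network interfaces that are members of sg0.
resource "aws_security_group_rule" "sg1_ingress_from_sg0" {
  type                     = "ingress"
  description              = "PostgreSQL from sg0"
  from_port                = 5432
  to_port                  = 5432
  protocol                 = "tcp"
  security_group_id        = aws_security_group.sg1.id
  source_security_group_id = aws_security_group.sg0.id
}

# Egress on sg0: TCP 5432 only to members of sg1. For an egress rule,
# source_security_group_id names the destination group. Written as inline
# blocks, this pair would make sg0 and sg1 depend on each other (a cycle).
# Terraform removes the default allow-all egress rule on groups it creates,
# so sg0 needs further egress rules for any other outbound traffic.
resource "aws_security_group_rule" "sg0_egress_to_sg1" {
  type                     = "egress"
  description              = "PostgreSQL to sg1"
  from_port                = 5432
  to_port                  = 5432
  protocol                 = "tcp"
  security_group_id        = aws_security_group.sg0.id
  source_security_group_id = aws_security_group.sg1.id
}
```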
