
Putting security group IDs of a VPC in a list using Terraform

While trying to create a VPC endpoint, I have to dynamically create the security groups within the VPC and then attach them to the VPC endpoints in the same Terraform plan. Is there a way I can put all the security group IDs of a VPC in a list using Terraform?

Create the VPC as shown below:

# "id" is a computed attribute of aws_vpc and cannot be set as an argument,
# so it is not configured here.
resource "aws_vpc" "main" {
  cidr_block = "10.0.0.0/16"
}

Create the security group:

resource "aws_security_group" "sg1" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.main.id

  ingress {
    description = "TLS from VPC"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.main.cidr_block]
    # Requires the VPC to have an IPv6 CIDR block assigned.
    ipv6_cidr_blocks = [aws_vpc.main.ipv6_cidr_block]
  }

  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }

  tags = {
    Name = "allow_tls"
  }
}

Create the VPC endpoint, fetching the security group IDs dynamically from the above security group resource block:

resource "aws_vpc_endpoint" "endpoint_vpc" {
  vpc_id            = aws_vpc.main.id
  service_name      = "com.amazonaws.us-west-2.ec2"
  vpc_endpoint_type = "Interface"

  security_group_ids = [
    aws_security_group.sg1.id,
  ]

  private_dns_enabled = true
}

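You can always get the results in an outputs.tf file as shown below:

# Output names may contain only letters, digits, underscores and hyphens.
# The resource declared above is aws_security_group.sg1, which exposes "id".
output "security_group_ids" {
  value = [aws_security_group.sg1.id]
}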

Is there a way I can put all the security group IDs of a VPC in a list using Terraform?

Yes, you can use the aws_security_groups data source:

data "aws_security_groups" "test" {
  filter {
    name   = "vpc-id"
    values = ["your-vpc-id"]
  }
}

output "test" {
  value = data.aws_security_groups.test.ids
}
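
The following is an added example, not code from either answer: it creates several security groups in one configuration, collects their IDs into a list for the endpoint, and shows a tag-scoped variant of the data source lookup for groups managed elsewhere. The variable `vpc_id`, the local names, the resource names, the `Purpose` tag and the subnet CIDRs are assumptions made for illustration.

```hcl
variable "vpc_id" {
  type = string
}

locals {
  # Constructed sample: one security group per client subnet allowed to reach the endpoint.
  endpoint_clients = {
    app  = "10.0.1.0/24"
    mgmt = "10.0.2.0/24"
  }
}

resource "aws_security_group" "endpoint" {
  for_each    = local.endpoint_clients
  name        = "vpce-${each.key}"
  description = "TLS from the ${each.key} subnet to the interface endpoint"
  vpc_id      = var.vpc_id

  ingress {
    description = "TLS from ${each.key} subnet"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = [each.value]
  }

  tags = { Purpose = "vpc-endpoint" }
}

locals {
  # List of IDs of the groups created above; the reference makes Terraform
  # create the groups before the endpoint in the same apply.
  endpoint_sg_ids = [for sg in aws_security_group.endpoint : sg.id]
}

resource "aws_vpc_endpoint" "ec2" {
  vpc_id              = var.vpc_id
  service_name        = "com.amazonaws.us-west-2.ec2"
  vpc_endpoint_type   = "Interface"
  security_group_ids  = local.endpoint_sg_ids
  private_dns_enabled = true
}

# For groups managed outside this configuration, narrow the lookup by tag:
# filtering on vpc-id alone also returns the VPC's "default" security group.
data "aws_security_groups" "tagged" {
  tags = { Purpose = "vpc-endpoint" }
  filter {
    name   = "vpc-id"
    values = [var.vpc_id]
  }
}
```

A data source whose arguments are all known is read at plan time, so it does not return groups that the same apply is about to create; for those, reference the resources directly as `local.endpoint_sg_ids` does.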
