
How should I define ranges in ingress security group using terraform?

I cannot find how I should define ranges using terraform in ingress security groups. Checking the documentation, the fields to_port and from_port support port ranges. However, I do not find how to configure it.

Working example using aws CLI:

aws ec2 authorize-security-group-ingress \
    --region $REGION \
    --group-name test \
    --protocol tcp \
    --port 50000-50001 \
    --cidr 0.0.0.0/0

But I do not manage to do the same using terraform. I have tried configuring the same in the security group resource:

resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.main.id

  ingress {
    description      = "allow_tls"
    from_port        = 50000-50001
    to_port          = 50000-50001
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
  }

  tags = {
    Name = "allow_tls"
  }
}

And the problem that I have is that it is automatically setting to_port and from_port to the value -1.

# from terraform plan output
              + cidr_blocks      = [
                  + "0.0.0.0/0",
                ]
              + description      = "allow_tls"
              + from_port        = -1
              + ipv6_cidr_blocks = []
              + prefix_list_ids  = []
              + protocol         = "tcp"
              + security_groups  = []
              + self             = false
              + to_port          = -1
            }

Also tried using aws_security_group_rule and it has the same behavior. Any idea how it can be solved?

It should be:

    from_port        = 50000
    to_port          = 50001
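
The plan shows -1 because HCL evaluates the unquoted `50000-50001` as a subtraction, so both arguments receive the number -1. The following is an added example, not part of the original question or answer: it accepts CLI-style range strings and splits them into `from_port`/`to_port`. The variable and local names (`ingress_port_ranges`, `allowed_cidrs`, `port_ranges`) are hypothetical.

```hcl
# Added example; variable and local names are hypothetical.
variable "ingress_port_ranges" {
  description = "TCP ports in aws-CLI style: \"PORT\" or \"FROM-TO\""
  type        = list(string)
  default     = ["50000-50001"] # constructed sample value

  validation {
    # Reject anything that is not digits or digits-digits before it reaches AWS.
    condition = alltrue([
      for r in var.ingress_port_ranges : can(regex("^[0-9]+(-[0-9]+)?$", r))
    ])
    error_message = "Each entry must be PORT or FROM-TO, for example 443 or 50000-50001."
  }
}

variable "allowed_cidrs" {
  description = "Source CIDR blocks allowed to reach the ports"
  type        = list(string)
  default     = ["0.0.0.0/0"] # as in the question; narrow to known sources where possible
}

locals {
  # "50000-50001" -> { from = 50000, to = 50001 }; "443" -> { from = 443, to = 443 }
  port_ranges = [
    for r in var.ingress_port_ranges : {
      from = tonumber(split("-", r)[0])
      to   = tonumber(reverse(split("-", r))[0])
    }
  ]
}

resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic"
  vpc_id      = aws_vpc.main.id

  # One ingress block per parsed range.
  dynamic "ingress" {
    for_each = local.port_ranges
    content {
      description = "tcp ${ingress.value.from}-${ingress.value.to}"
      from_port   = ingress.value.from
      to_port     = ingress.value.to
      protocol    = "tcp"
      cidr_blocks = var.allowed_cidrs
    }
  }
}
```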
