
How to use a VPC default security group as a peer for another security group?

Using CDK (TypeScript), I am trying to create a security group which can be accessed from my VPC's default security group.

I can't figure out the correct syntax:


    this.dbSecurityGroup = new SecurityGroup(this, 'db-security-group', {
      vpc: props.vpc,
      allowAllOutbound: false,
      securityGroupName: 'dbSecurityGroup',
    });

    this.dbSecurityGroup.connections.allowFrom(props.vpc.vpcDefaultSecurityGroup, Port.tcp(5432));

I get an error saying:

    Argument of type 'string' is not assignable to parameter of type 'IConnectable'

This is because the props.vpc.vpcDefaultSecurityGroup is a string and not an IConnectable type.

What is the correct way to access/use the vpcDefaultSecurity value to access another security group?

    $ cdk --version
    1.42.0 (build 3b64241)

Turns out it's easy to convert a security group id (string) to a security group type using:

    const vpcDefaultSecurityGroup = SecurityGroup.fromSecurityGroupId(this, "SG", props.vpc.vpcDefaultSecurityGroup);
    this.dbSecurityGroup.connections.allowFrom(vpcDefaultSecurityGroup, Port.tcp(5432));
