![](/img/trans.png)
[英]CloudFormation Template (JSON) for EC2 with VPC, Subnet & Security Group Choices
[英]Cloudformation template(JSON) for security group with 50 CIDR IPs (Ingress)
我正在為具有超過 50 個 CIDR IP 的入口規則的安全組創建雲形成模板。 在參數中,我對多個 CIDR IP 使用了 Commadelimited 列表。 而不是在 SecurityGroupIngress 中為每個 CIDR IP 創建單獨的值,是否可以在單個代碼中包含多個 CidrIps。
{
"IpProtocol" : "tcp",
"CidrIp" : "54.183.255.128/26",
"FromPort" : "443",
"ToPort" : "443"
},
{
"IpProtocol" : "tcp",
"CidrIp" : "54.228.16.0/26",
"FromPort" : "443",
"ToPort" : "443"
},
{
"IpProtocol" : "tcp",
"CidrIp" : "54.232.40.64/26",
"FromPort" : "443",
"ToPort" : "443"
},
{
"IpProtocol" : "tcp",
"CidrIp" : "54.241.32.64/26",
"FromPort" : "443",
"ToPort" : "443"
},
我想使用的模板如下。 但在這里我只能獲得 1 個 position CIDR IP。
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "HTTPS - Security Group",
"Parameters": {
"VPC": {
"Type": "AWS::EC2::VPC::Id",
"Description": "VPC where the Security Group will belong"
},
"Name": {
"Type": "String",
"Description": "Name Tag of the Security Group"
},
"DbSubnetIpBlocks": {
"Description": "Comma-delimited list of CIDR blocks",
"Type": "CommaDelimitedList"
}
},
"Resources": {
"MySG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": {
"Ref": "Description"
},
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [
{
"IpProtocol": "tcp",
"CidrIp": {
"Fn::Select": [
"1",
{
"Ref": "DbSubnetIpBlocks"
}
]
},
"FromPort": "443",
"ToPort": "443"
}
]
}
}
},
"Outputs": {
"SecurityGroupID": {
"Description": "Security Group ID",
"Value": {
"Ref": "MySG"
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.