如何在安全组中添加source_security_group_id?

时间:2019-12-16 06:08:23

标签: amazon-web-services amazon-cloudformation aws-cdk

嗨,我正在尝试在AWS CDK中创建安全组。当我尝试创建Ingress规则时,我想指定source_security_group_id。我如下创建了安全组。 

mws_vpc_sg = ec2.SecurityGroup(self,"securitygroupname",
        description="EC2 Services Security Group",
        security_group_name="securitygroupname",
        vpc=vpc
        );

然后我要添加如下的入口规则。

 SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: "80"
          ToPort: "80"
          SourceSecurityGroupId: !Ref MerchWebServicesLoadBalancerSecurityGroup

有人可以帮助我使用AWS CDK编写相同的模板吗?

1 个答案:

答案 0 :(得分:0)

根据文档,有一个属于ec2.SecurityGroup的方法称为add_ingress_rule,该方法将“对等”和“连接”作为参数。这些是另一个安全组和一个端口

所以您可以尝试这样的事情

my_sg = ec2.SecurityGroup(self, "securitygroupone",
  description="EC2 Services Security Group",
  security_group_name="securitygroupone",
  vpc=vpc
)

my_sg_two = ec2.SecurityGroup(self, "securitygrouptwo",
  description="EC2 Services Security Group with Ingress from securitygroupone",
  security_group_name="securitygrouptwo",
  vpc=vpc
)

my_sg_two.add_ingress_rule(my_sg, 8080)

https://docs.aws.amazon.com/cdk/api/latest/python/aws_cdk.aws_ec2/SecurityGroup.html#aws_cdk.aws_ec2.SecurityGroup.add_ingress_rule

相关问题
最新问题