I have a VPC with public and private subnets.
How do I create a bastion host in the public one?
module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "~> 2.0"

  name = "${local.name}-vpc"
  cidr = "10.1.0.0/16"

  azs             = ["us-east-2a", "us-east-2b", "us-east-2c"]
  private_subnets = ["10.1.1.0/24", "10.1.2.0/24", "10.1.3.0/24"]
  public_subnets  = ["10.1.101.0/24", "10.1.102.0/24", "10.1.103.0/24"]

  single_nat_gateway   = true
  enable_nat_gateway   = true
  enable_vpn_gateway   = false
  enable_dns_hostnames = true

  public_subnet_tags = {
    Name = "public"
  }
  private_subnet_tags = {
    Name = "private"
  }
  public_route_table_tags = {
    Name = "public-RT"
  }
  private_route_table_tags = {
    Name = "private-RT"
  }
  tags = {
    Environment = local.environment
    Name        = local.name
  }
}
Edit: I added this to the code above:
resource "aws_security_group" "bastion-sg" {
  name   = "bastion-security-group"
  vpc_id = "${module.vpc.vpc_id}"

  ingress {
    protocol    = "tcp"
    from_port   = 22
    to_port     = 22
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    protocol    = -1
    from_port   = 0
    to_port     = 0
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "bastion" {
  ami                         = "ami-0d5d9d301c853a04a"
  key_name                    = "key"
  instance_type               = "t2.micro"
  vpc_security_group_ids      = ["${aws_security_group.bastion-sg.id}"]
  associate_public_ip_address = true
}
But when I run terraform apply I get this error:
Error: Error launching source instance: InvalidParameter: Security group sg-0e3d05f76119af726 and subnet subnet-4b0c1123 belong to different networks.
status code: 400, request id: ddce7fc3-3ef9-407d-b0cd-0dda640bb3a9
on vpc.tf line 108, in resource "aws_instance" "bastion":
108: resource "aws_instance" "bastion" {
Answer 0: (score: 1)
[
  {firstName: 'Martin', lastName: 'Jonas'},
  {firstName: 'Brad', lastName: 'Mickle'},
  {firstName: 'Summer', lastName: 'Bride'}
]