Terraform AWS security group ingress rules

How do I define multiple ingress rules in an AWS security group using Terraform?

I tried this:

resource "aws_security_group" "sg_allowall" {
  name = "${var.prefix}-allow"

  ingress {
    from_port   = "443"
    to_port     = "443"
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = "0"
    to_port     = "0"
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_security_group_rule" "ssh_from_office" {
  type            = "ingress"
  from_port       = 22
  to_port         = 22
  protocol        = "tcp"
  cidr_blocks     = ["192.202.168.66/32"]

  security_group_id = "${resource.sg_allowall.id}"
}

But I get the following error:

Error: resource 'aws_security_group_rule.ssh_from_office' config: unknown resource 'resource.sg_allowall' referenced in variable resource.sg_allowall.id

Answer 1

There are two problems here. First, to reference the security group you created, you need to use the correct syntax:

security_group_id = "${aws_security_group.sg_allowall.id}"

Take a good look at the Terraform syntax documentation.

Second, mixing inline ingress/egress blocks with standalone security group rules is not recommended. The documentation warns about this, so maybe have a look at that too.
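As an added illustration (not part of the answer above), here is the same intent written with standalone rules only: the security group declares no inline ingress/egress, every rule is its own aws_security_group_rule, and each one references the group with the correct syntax. The HTTPS rule is narrowed to TCP and the SSH source is taken from a variable; var.prefix, var.vpc_id and var.office_cidr are assumed to be defined elsewhere.

```hcl
# Security group with NO inline ingress/egress blocks, so Terraform manages
# the rule set only through the standalone rule resources below.
resource "aws_security_group" "sg_allowall" {
  name   = "${var.prefix}-allow"
  vpc_id = var.vpc_id # assumed variable
}

# HTTPS from anywhere. Protocol is "tcp" rather than "-1": "-1" means all
# protocols, and AWS only accepts it together with from_port/to_port = 0,
# which would open every port instead of just 443.
resource "aws_security_group_rule" "https_in" {
  type              = "ingress"
  from_port         = 443
  to_port           = 443
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.sg_allowall.id
}

# SSH only from the office address range (e.g. "192.202.168.66/32"),
# supplied as a variable so the /32 is not hard-coded here.
resource "aws_security_group_rule" "ssh_from_office" {
  type              = "ingress"
  from_port         = 22
  to_port           = 22
  protocol          = "tcp"
  cidr_blocks       = [var.office_cidr] # assumed variable
  security_group_id = aws_security_group.sg_allowall.id
}

# Unrestricted egress, kept as a standalone rule for the same reason.
resource "aws_security_group_rule" "all_out" {
  type              = "egress"
  from_port         = 0
  to_port           = 0
  protocol          = "-1"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.sg_allowall.id
}
```

The bare reference aws_security_group.sg_allowall.id is the Terraform 0.12+ form; on 0.11 write it as "${aws_security_group.sg_allowall.id}", exactly as in the answer.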
