![Adding existing security groups to a CloudFormation EC2 template](https://linux22.com/image/743114/%E6%B7%BB%E5%8A%A0%E7%8E%B0%E6%9C%89%E5%AE%89%E5%85%A8%E7%BB%84%20CloudFormation%20EC2%20%E6%A8%A1%E6%9D%BF.png)
How can I reference existing EC2 security groups in a CloudFormation template without having to set ingress and egress rules?
```yaml
Resources:
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType:
        Ref: InstanceType
      SecurityGroups:
        - Ref: InstanceSecurityGroup
      KeyName:
        Ref: KeyName
      ImageId:
        Fn::FindInMap:
          - AWSRegionArch2AMI
          - Ref: AWS::Region
          - Fn::FindInMap:
              - AWSInstanceType2Arch
              - Ref: InstanceType
              - Arch
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Existing Groups
      SecurityGroupIds:
        - Ref: sg-12345
        - Ref: sg-12312
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
```
Answer 1

To do this, you just need to add them directly to the EC2 resource's properties under SecurityGroupIds:
```yaml
Resources:
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType:
        Ref: InstanceType
      SecurityGroupIds:
        - sg-12345
        - sg-12312
      KeyName:
        Ref: KeyName
      ImageId:
        Fn::FindInMap:
          - AWSRegionArch2AMI
          - Ref: AWS::Region
          - Fn::FindInMap:
              - AWSInstanceType2Arch
              - Ref: InstanceType
              - Arch
```