此脚本非常适合创建 EC2 实例:
provider "aws" {
access_key = "ACCESS_KEY"
secret_key = "SECRET-KEY"
region = "us-east-2"
}
resource "aws_instance" "web" {
count = 3
ami = "ami-001as38b07206d4ceaf"
instance_type = "t2.micro"
key_name = "labkey"
vpc_security_group_ids = [ "sg-341233f1856" ]
}
现在我正在尝试创建一个安全组。脚本运行正常,但是我无法找到如何在创建安全组时预定义“vpc_security_group_ids”
resource "aws_security_group" "Testlab_VPC_Security_Group" {
vpc_id = aws_vpc.Testlab_VPC.id
name = "Testlab VPC Security Group"
description = "Testlab VPC Security Group"
ingress {
cidr_blocks = var.ingressCIDRblock
from_port = 22
to_port = 22
protocol = "tcp"
}
ingress {
cidr_blocks = var.ingressCIDRblock
from_port = 80
to_port = 80
protocol = "tcp"
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
tags = {
Name = "Testlab VPC Security Group"
Description = "Testlab VPC Security Group"
}
}
我希望能够将这两个脚本结合起来。
还有其他方法可以使用 terraform 添加我所缺少的安全性吗?
答案1
尝试这个
resource "aws_instance" "web" {
count = 3
ami = "ami-001as38b07206d4ceaf"
instance_type = "t2.micro"
key_name = "labkey"
vpc_security_group_ids = [ aws_security_group.Testlab_VPC_Security_Group.id ]
}
因为这个表达式指的是安全组,所以 Terraform 可以自动推断必须先创建安全组。