代码之家 › 专栏 › 技术社区 › Rajat jain

对流层DBSecurityGroupingRess的设置

troposphere amazon-cloudformation amazon-web-services

0

Rajat jain · 技术社区 · 7 年前

要将多个CIDRIP添加到我的数据库安全组错误:

CidrIp=Ref(AppSecurityGroup)),
TypeError: __init__() takes at least 2 arguments (1 given)

我觉得这很容易,但我被困在这里而困惑。

DBSecurityGroup = t.add_resource(
    rds.DBSecurityGroup(
        'DBSecurityGroup',
        GroupDescription='Enable access on the inbound port',
        DBSecurityGroupIngess=[
            rds.DBSecurityGroup(
                IpProtocol='tcp',
                FromPort='3306',
                ToPort='3306',
                CidrIp=Ref(AppSecurityGroup)),
            rds.DBSecurityGroup(
                IpProtocol='tcp',
                FromPort='3306',
                ToPort='3306',
                CidrIp=Ref(CalcSecurityGroup)),
            rds.DBSecurityGroup(
                IpProtocol='tcp',
                FromPort='3306',
                ToPort='3306',
                CidrIp=Ref(CIDRSupport))],
        VpcId=Ref(VPC),
        Tags=Tags(
            Name=Join("", [Ref("AWS::StackName"), "-DB-SG"]),
        )
    ))

现在我需要进入Calc SG、AppSG和CIDRSUPPORT 6379 端口。

如何在SG中定义它?

1 回复 | 直到 7 年前

1

Alex Harvey 7 年前

您正在处理一个属性 CidrIp 这个 DBSecurityGroup 类没有。此类定义为:

class RDSSecurityGroup(AWSProperty):
    props = {
        'CIDRIP': (basestring, False),
        'EC2SecurityGroupId': (basestring, False),
        'EC2SecurityGroupName': (basestring, False),
        'EC2SecurityGroupOwnerId': (basestring, False),
    }   

class DBSecurityGroup(AWSObject):
    resource_type = "AWS::RDS::DBSecurityGroup"

    props = {
        'EC2VpcId': (basestring, False),
        'DBSecurityGroupIngress': (list, True),
        'GroupDescription': (basestring, True),
        'Tags': ((Tags, list), False),
    }

从源代码 here .

你想说的是:

DBSecurityGroup = t.add_resource(
    rds.DBSecurityGroup(
        "DBSecurityGroup",
        GroupDescription="Enable access on the inbound port",
        DBSecurityGroupIngress=[
            rds.RDSSecurityGroup(EC2SecurityGroupId=Ref(AppSecurityGroup)),
            rds.RDSSecurityGroup(EC2SecurityGroupId=Ref(CalcSecurityGroup)),
            rds.RDSSecurityGroup(EC2SecurityGroupId=Ref(CIDRSupport))],
        EC2VpcId=Ref(VPC),
        Tags=Tags(
            Name=Join("", [Ref("AWS::StackName"), "-DB-SG"]),
        )
    ))

我注意到对流层 RDSSecurityGroup 对应于“ RDS Security Group Rule “。命名中的不一致令人困惑。