我正在尝试使用打字稿将以下CloudFormation资源迁移到CDK:
ALBSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref VPCId
GroupDescription: !Sub "${Application}-${Environment}-alb-sg"
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: !Ref SecurityGroupIngressCidr
我已经尝试过了(我不知道如何创建必要的属性):
const albSecurityGroup = new SecurityGroup(this, "ALBSecurityGroup", {
vpc: Vpc.fromLookup(this, id, {
vpcId: props.vpcId.stringValue
}),
description: appEnv + "-alb-sg"
})
并且使用这样的Cfn构造函数(我不知道如何将CfnSecurityGroup与CfnSecurityGroupIngress结合使用:
const x = new CfnSecurityGroupIngress(this, id, {
ipProtocol: "tcp",
fromPort: 443,
toPort: 443,
cidrIp: props.securityGroupIngressCidr
});
const albSecurityGroupCfn = new CfnSecurityGroup(this, id, {
vpcId: props.vpcId.stringValue,
groupDescription: appEnv + "-alb-sg"
});
感谢您的帮助。
今天我意识到这是一个简单的解决方案。
const albSecurityGroupCfn = new CfnSecurityGroup(this, id, {
vpcId: props.vpcId.stringValue,
groupDescription: appEnv + "-alb-sg",
securityGroupIngress: [
new CfnSecurityGroupIngress(this, id, {
ipProtocol: "tcp",
fromPort: 443,
toPort: 443,
cidrIp: props.securityGroupIngressCidr
})
]
});
谢谢!