我正在尝试创建一个安全组并使用cloudformation从参数调用其他安全组。我将其用作资源,但是我从cloudfromation得到以下错误消息
模板验证错误:模板错误:每个Fn :: Join对象需要两个参数,(1)字符串定界符和(2)列表要连接的字符串或返回字符串列表的函数(例如Fn :: GetAZs)加入。
AWSTemplateFormatVersion : 2010-09-09
Description: "simple web layer"
Parameters:
Securitygroupid:
Description: enter sc
Type: List<AWS::EC2::SecurityGroup::Id>
NoEcho: false
Default: sg-05323df39f12d8034
Resources:
Lpsecurity:
Type: AWS::EC2::SecurityGroup
Properties:
Securitygroupid:
Description: enter sc
Type: List<AWS::EC2::SecurityGroup::Id
NoEcho: false
Default: sg-05323df39f12d8034
VpcId: !Ref Vpc
GroupDescription: Sample target security group
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: !Ref Securitycab
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: !Ref Securitycab
MyEC2Instance1:
Type: 'AWS::EC2::Instance'
Properties:
ImageId: !Ref ImageId
InstanceType: t2.micro
SubnetId: !Select [ 0, !Ref Subnets ]
SecurityGroupIds: !Join [ ",", [ !Ref Securitygroupid, !Ref Lpsecurity ]]
我在这里做错了什么?
SecurityGroupIds应该是列表类型。
尝试以下操作
Resources:
Lpsecurity:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref Vpc
GroupDescription: Sample target security group
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: !Ref Securitycab
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: !Ref Securitycab
MyEC2Instance1:
Type: 'AWS::EC2::Instance'
Properties:
ImageId: !Ref ImageId
InstanceType: t2.micro
SubnetId: !Select [ 0, !Ref Subnets ]
SecurityGroupIds:
- !Ref Securitygroup
- !GetAtt Lpsecurity.GroupId
我找到了解决方法。
SecurityGroupIds: !Split
- ","
- !Sub
- "${idList},${Lpsecurity}"
- idList: !Join [",",!Ref "SecurityGroup"]