I can create a new inbound rule with the following command:
aws ec2 authorize-security-group-ingress --group-id sg-00b417024c6afddae --protocol tcp --port 5000 --cidr 0.0.0.0/0
How do I add a description to this rule?
You must use the full --ip-permissions notation:
aws ec2 authorize-security-group-ingress --group-id sg-00b417024c6afddae --ip-permissions FromPort=5000,ToPort=5000,IpProtocol=tcp,IpRanges='[{CidrIp=0.0.0.0/0,Description=mydescription}]'
Based on Marcin's answer:
# Some example values:
AWS_SECURITY_GROUP=sg-01234567890
FROM_PORT=9996
TO_PORT=9999
ALLOWED_IP_RANGE=0.0.0.0/0
DESCRIPTION="my beautiful description"
# The real action:
aws ec2 authorize-security-group-ingress \
  --group-id "$AWS_SECURITY_GROUP" \
  --ip-permissions FromPort="$FROM_PORT",ToPort="$TO_PORT",IpProtocol=tcp,IpRanges="[{CidrIp=${ALLOWED_IP_RANGE},Description='${DESCRIPTION}'}]"
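The same rule can also be passed to --ip-permissions as JSON, which avoids the nested quoting of the shorthand form. The sketch below is an added example, not part of the original answers: the function names and the sample CIDR are hypothetical, and the description check follows the constraint in the EC2 API reference (up to 255 characters; a-z, A-Z, 0-9, spaces and `._-:/()#,@[]+=&;{}!$*`), which also guarantees the value needs no JSON escaping.

```sh
#!/bin/sh
# Added example (not from the original answers); function names are hypothetical.

# True only if $1 meets the EC2 description constraints: at most 255
# characters from a-z A-Z 0-9 space ._-:/()#,@[]+=&;{}!$*
valid_description() {
    [ "${#1}" -le 255 ] || return 1
    # Delete every allowed character; only the sentinel "x" may remain.
    # \133 and \135 are "[" and "]"; the trailing "-" is a literal hyphen.
    rest=$(printf '%s' "$1" |
        LC_ALL=C tr -d 'a-zA-Z0-9 ._:/()#,@+=&;{}!$*\133\135-'; printf x)
    [ "$rest" = x ]
}

# Prints the JSON value for --ip-permissions, or returns 1 on invalid input.
# Usage: build_ip_permissions FROM_PORT TO_PORT CIDR DESCRIPTION
build_ip_permissions() {
    from=$1 to=$2 cidr=$3 desc=$4
    # Ports: plain decimal, no leading zeros, 0-65535, FROM <= TO.
    for p in "$from" "$to"; do
        case $p in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$p" -le 65535 ] || return 1
    done
    [ "$from" -le "$to" ] || return 1
    # CIDR: character check only, enough to keep the JSON well-formed.
    case $cidr in ''|*[!0-9./]*) return 1 ;; esac
    valid_description "$desc" || return 1
    printf '[{"IpProtocol":"tcp","FromPort":%s,"ToPort":%s,' "$from" "$to"
    printf '"IpRanges":[{"CidrIp":"%s","Description":"%s"}]}]\n' "$cidr" "$desc"
}

# Constructed sample values; the aws call stays commented out so this runs offline.
# aws ec2 authorize-security-group-ingress --group-id "$AWS_SECURITY_GROUP" \
#   --ip-permissions "$(build_ip_permissions 9996 9999 203.0.113.0/24 'my beautiful description')"
```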