0

想要将多个 CIDRip 添加到我的数据库安全组错误:

CidrIp=Ref(AppSecurityGroup)),
TypeError: __init__() takes at least 2 arguments (1 given)

我认为这很容易,但我被困在这里并且感到困惑。

DBSecurityGroup = t.add_resource(
    rds.DBSecurityGroup(
        'DBSecurityGroup',
        GroupDescription='Enable access on the inbound port',
        DBSecurityGroupIngess=[
            rds.DBSecurityGroup(
                IpProtocol='tcp',
                FromPort='3306',
                ToPort='3306',
                CidrIp=Ref(AppSecurityGroup)),
            rds.DBSecurityGroup(
                IpProtocol='tcp',
                FromPort='3306',
                ToPort='3306',
                CidrIp=Ref(CalcSecurityGroup)),
            rds.DBSecurityGroup(
                IpProtocol='tcp',
                FromPort='3306',
                ToPort='3306',
                CidrIp=Ref(CIDRSupport))],
        VpcId=Ref(VPC),
        Tags=Tags(
            Name=Join("", [Ref("AWS::StackName"), "-DB-SG"]),
        )
    ))

现在我需要在端口上入站到 Calc-SG、App-SG 和 CIDRSupport 6379

如何在 SG 中定义它?

4

1 回答 1

1

您正在处理该类没有的CidrIp属性DBSecurityGroup。这个类定义为:

class RDSSecurityGroup(AWSProperty):
    props = {
        'CIDRIP': (basestring, False),
        'EC2SecurityGroupId': (basestring, False),
        'EC2SecurityGroupName': (basestring, False),
        'EC2SecurityGroupOwnerId': (basestring, False),
    }   

class DBSecurityGroup(AWSObject):
    resource_type = "AWS::RDS::DBSecurityGroup"

    props = {
        'EC2VpcId': (basestring, False),
        'DBSecurityGroupIngress': (list, True),
        'GroupDescription': (basestring, True),
        'Tags': ((Tags, list), False),
    }

这里的源代码。

你想说的是:

DBSecurityGroup = t.add_resource(
    rds.DBSecurityGroup(
        "DBSecurityGroup",
        GroupDescription="Enable access on the inbound port",
        DBSecurityGroupIngress=[
            rds.RDSSecurityGroup(EC2SecurityGroupId=Ref(AppSecurityGroup)),
            rds.RDSSecurityGroup(EC2SecurityGroupId=Ref(CalcSecurityGroup)),
            rds.RDSSecurityGroup(EC2SecurityGroupId=Ref(CIDRSupport))],
        EC2VpcId=Ref(VPC),
        Tags=Tags(
            Name=Join("", [Ref("AWS::StackName"), "-DB-SG"]),
        )
    ))

我会注意到对流层RDSSecurityGroup对应于“ RDS 安全组规则”。命名不一致令人困惑。

于 2019-02-01T09:04:35.713 回答