.securityGroupIngress()
的CfnSecurityGroup.Builder
需要 List<Object> securityGroupIngress
。我正在尝试向安全组添加入口规则:
CfnSecurityGroupIngress ingressRule =
CfnSecurityGroupIngress.Builder.create(this, "IngressRule")
.ipProtocol("tcp")
.fromPort(80)
.toPort(80)
.cidrIp("0.0.0.0/0")
.build();
List<Object> ingressRules = new ArrayList<>();
ingressRules.add(ingressRule)
然后:
CfnSecurityGroup.Builder.create(this, "SecurityGroup")
.groupName("ALB-SG")
.groupDescription("Allow traffic from the Internet to the ALB")
.vpcId(vpc.getRef())
.securityGroupIngress(ingressRules) // <--
.build();
当我尝试编译时,出现以下错误:
Caused by: software.amazon.jsii.JsiiException: Resolution error: Resolution error: Trying to resolve() a Construct at /Resources/${Token[SGStack.SecurityGroup.LogicalID.39]}/Properties/securityGroupIngress/0/node.
令我困惑的是 List<Object>
.securityGroupIngress()
要求因为在 CloudFormation 中,SecurityGroupIngress
(CfnSecurityGroupIngress)
AWS::EC2::SecurityGroup
的属性(property)(CfnSecurityGroup)
获取 Ingress
的列表对象。这是为什么List<Object>
而不是List<CfnSecurityGroupIngressProps>
或List<CfnSecurityGroupIngress>
?但最重要的是,我如何创建这个List<Object>
这是必需的吗?
最佳答案
使用 software.amazon.awscdk.services.ec2.CfnSecurityGroup.IngressProperty
而不是 CfnSecurityGroupIngress
:
IngressProperty
.builder()
.fromPort(80)
.toPort(80)
.ipProtocol("tcp")
.cidrIp("0.0.0.0/0")
.build()
关于java - 如何创建SecurityGroupIngress对象?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60779797/