.securityGroupIngress()的CfnSecurityGroup.Builder需要 List<Object> securityGroupIngress 。我正在尝试向安全组添加入口规则:
CfnSecurityGroupIngress ingressRule =
CfnSecurityGroupIngress.Builder.create(this, "IngressRule")
.ipProtocol("tcp")
.fromPort(80)
.toPort(80)
.cidrIp("0.0.0.0/0")
.build();
List<Object> ingressRules = new ArrayList<>();
ingressRules.add(ingressRule)
然后:
CfnSecurityGroup.Builder.create(this, "SecurityGroup")
.groupName("ALB-SG")
.groupDescription("Allow traffic from the Internet to the ALB")
.vpcId(vpc.getRef())
.securityGroupIngress(ingressRules) // <--
.build();
当我尝试编译时,出现以下错误:
Caused by: software.amazon.jsii.JsiiException: Resolution error: Resolution error: Trying to resolve() a Construct at /Resources/${Token[SGStack.SecurityGroup.LogicalID.39]}/Properties/securityGroupIngress/0/node.
令我困惑的是 List<Object> .securityGroupIngress() 要求因为在 CloudFormation 中,SecurityGroupIngress (CfnSecurityGroupIngress) AWS::EC2::SecurityGroup 的属性(property)(CfnSecurityGroup)获取 Ingress 的列表对象。这是为什么List<Object>而不是List<CfnSecurityGroupIngressProps>或List<CfnSecurityGroupIngress> ?但最重要的是,我如何创建这个List<Object>这是必需的吗?
最佳答案
使用 software.amazon.awscdk.services.ec2.CfnSecurityGroup.IngressProperty 而不是 CfnSecurityGroupIngress:
IngressProperty
.builder()
.fromPort(80)
.toPort(80)
.ipProtocol("tcp")
.cidrIp("0.0.0.0/0")
.build()
关于java - 如何创建SecurityGroupIngress对象?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60779797/