amazon-web-services - 安全组 'ALB-sg' 无效

Question

我通过 Cfn 创建了一个 ALB，但收到了名为的错误

安全组“ALB-sg”无效(服务:AmazonElasticLoadBalancing；状态代码:400；错误代码:ValidationError；请求 ID:6ec8a268-80cc-4a3e-9477-809dba8a00c7；代理:null)

AWSTemplateFormatVersion: 2010-09-09

Description: AWS CloudFormation Sample Template for creating LoadBalancer

Parameters:
  VPC:
    Description: VPCId of your existing Virtual Private Cloud (VPC)
    Type: String
    Default: vpc-0c9a732125ac08541
  
  PublicSubnet:
    Description: SubnetId of an existing subnet (for the primary network in your Virtual Private Cloud VPC)
    Type: String
    Default: subnet-0787f34404852ceb9

Resources:
  
  ApplicationLoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties: 
      Name: MyApplicationLoadBalancer
      Type: application
      IpAddressType: ipv4
      Scheme: internet-facing
      SecurityGroups: 
        - !Ref Albsg 
      Subnets: 
        - !Ref PublicSubnet
      Tags:
        - Key: Name
          Value: ALB

  HTTPListener:
        Type: "AWS::ElasticLoadBalancingV2::Listener"
        Properties:
            LoadBalancerArn: !Ref ApplicationLoadBalancer
            Port: 80
            Protocol: "HTTP"
            DefaultActions: 
              - Type: forward
                TargetGroupArn: !Ref ALBTargetGroup
  
  
  ALBTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      HealthCheckIntervalSeconds: 10
      HealthCheckPath: /
      HealthCheckTimeoutSeconds: 5
      HealthyThresholdCount: 2
      Matcher:
        HttpCode: 200,302
      Name: MyWebServers
      Port: 80
      Protocol: HTTP
      TargetType: instance
      UnhealthyThresholdCount: 5
      VpcId: !Ref VPC
      

  Albsg:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupName: ALB-sg
      GroupDescription: Security group for Load balancer
      SecurityGroupIngress:
        - CidrIp: 0.0.0.0/0
          FromPort: '80'
          IpProtocol: tcp
          ToPort: '80'
      Tags:
        - Key: Name 
          Value: ALB_SG

Outputs:
  TargetGroupName:
    Value: !Ref ALBTargetGroup
    Description: Name of Target ARN

我不知道还能尝试什么。这是我正在使用的模板..

Answer 1

在Albsg的SecurityGroupIngress中，字段FromPort和ToPort必须是整数，而不是字符串.