Using Prefix Lists in Security Groups

Time:04-09

If I were to use the AWS documentation for creating Security Groups using CloudFormation (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html), it appears lacking in what I am trying to achieve. There are plenty of examples where egress rules can be configured to use a CIDR value as the destination, which is all very well and good.

But what I am trying to achieve is to use a prefix-list id (pl-112233) as a network destination.

For example:

    "SecurityGroupEgress" : [{
        "IpProtocol" : "tcp",
        "FromPort" : 80,
        "ToPort" : 80,
        "CidrIp" : "0.0.0.0/0" # using prefix list example pl-112233
    }]

Unfortunately I cannot locate any support for this requirement and I want to understand if others have met this difficulty. I should point out that these prefix lists pre-exist and don't need to be created as part of this CloudFormation.

CodePudding user response:

Based on AWS::EC2::SecurityGroup Egress - AWS CloudFormation, it would seem that you can use:

    "SecurityGroupEgress" : [{
        "IpProtocol" : "tcp",
        "FromPort" : 80,
        "ToPort" : 80,
        "DestinationPrefixListId" : "pl-112233"
    }]
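As an added example (not from the question, the answer, or AWS's own tooling), here is a small Python lint that reads a CloudFormation template as JSON and flags egress rules that still point at 0.0.0.0/0 or ::/0, set no destination at all, or carry a malformed prefix list id, so the switch from CidrIp to DestinationPrefixListId can be checked in CI. The sample template, the loose `pl-` id pattern, and the handling of intrinsic functions such as Ref are assumptions.

```python
import json
import re

# Destination keys CloudFormation accepts on an egress rule; exactly one must be set.
DEST_KEYS = ("CidrIp", "CidrIpv6", "DestinationPrefixListId", "DestinationSecurityGroupId")
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
PL_ID = re.compile(r"^pl-[0-9a-f]+$")  # assumed loose format, matches the question's pl-112233


def lint_egress(template):
    """Return (resource name, rule index, finding) for each egress rule that is
    malformed or still allows egress to any destination."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        rules = res.get("Properties", {}).get("SecurityGroupEgress", [])
        for i, rule in enumerate(rules):
            dests = [k for k in DEST_KEYS if k in rule]
            if len(dests) != 1:
                findings.append((name, i, f"rule must set exactly one of {DEST_KEYS}, got {dests}"))
                continue
            key, value = dests[0], rule[dests[0]]
            if isinstance(value, dict):  # intrinsic function (Ref, Fn::ImportValue...): resolved later
                continue
            if key in ("CidrIp", "CidrIpv6") and value in OPEN_CIDRS:
                findings.append((name, i, f"{key} {value} allows egress to any destination"))
            elif key == "DestinationPrefixListId" and not PL_ID.match(str(value)):
                findings.append((name, i, f"{value!r} is not a prefix list id"))
    return findings


def lint_file(path):
    """Lint a JSON template on disk (for a CI step)."""
    with open(path) as f:
        return lint_egress(json.load(f))


# Constructed sample: rule 0 is the question's open rule, rule 1 the answer's fix,
# rule 2 a prefix list passed in by Ref, rule 3 a rule with no destination at all.
SAMPLE = {"Resources": {"WebSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "constructed example",
    "SecurityGroupEgress": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0/0"},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "DestinationPrefixListId": "pl-112233"},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "DestinationPrefixListId": {"Ref": "PrefixList"}},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443},
    ]}}}}

if __name__ == "__main__":
    for name, idx, msg in lint_egress(SAMPLE):
        print(f"{name} egress[{idx}]: {msg}")
```

Only the open CIDR rule and the rule with no destination are reported; the two prefix-list rules pass.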