Add Resources to IngressRule as IPeer

Time:07-15

const ecsAdminService = new ecs.FargateService(this, "AdminService", {
  cluster,
  taskDefinition: taskDefinitionAdmin,
  desiredCount: desiredCount,
  vpcSubnets: props!.vpc.selectSubnets({ subnetType: ec2.SubnetType.PUBLIC }),
  assignPublicIp: true,
  securityGroups: [adminServiceSg],
  enableExecuteCommand: true,
  serviceName: serviceName
});

props!.dbSecurityGroup.addIngressRule(ecsAdminService, ec2.Port.tcp(3306),'allow mysql port');

I want to add the Fargate service to addIngressRule, and addIngressRule requires an IPeer.

However, I am not sure how to change the Fargate service to an IPeer.

How can I do this?

CodePudding user response:

Refer to this answer on the topic: Best way to organize security group rules in AWS CDK

The recommended way to do this is to use CDK's abstractions. It would look like this:

ecsAdminService.connections.allowToDefaultPort(props.db);

You would need to pass the database instance/cluster in the props, not the security group. The required security group rules will be created automatically.
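
A check to run over the synthesized CloudFormation template, added here as an example (not code from the question or the answer): whichever way the rule is created, the ingress on the database security group for port 3306 should name the service's security group as its source rather than a CIDR. The sample template is constructed, and the logical IDs DbSg and AdminSg are assumptions.

```typescript
type Rule = Record<string, any>;
type Template = { Resources: Record<string, { Type: string; Properties: Rule }> };

// Logical ID a GroupId points at ({"Fn::GetAtt": [id, "GroupId"]} or {"Ref": id}).
function targetOf(groupId: any): string | undefined {
  return groupId?.["Fn::GetAtt"]?.[0] ?? groupId?.Ref;
}

// True when the rule can cover `port`. Ports that are still unresolved
// tokens (objects) count as covering it, so they are never skipped silently.
function covers(rule: Rule, port: number): boolean {
  if (rule.IpProtocol === "-1") return true;
  if (typeof rule.FromPort !== "number" || typeof rule.ToPort !== "number") return true;
  return rule.FromPort <= port && port <= rule.ToPort;
}

// Every ingress rule attached to security group `sgId`, inline or standalone.
function ingressFor(t: Template, sgId: string): Rule[] {
  const rules: Rule[] = [];
  for (const id of Object.keys(t.Resources)) {
    const r = t.Resources[id];
    if (r.Type === "AWS::EC2::SecurityGroup" && id === sgId)
      rules.push(...(r.Properties.SecurityGroupIngress ?? []));
    if (r.Type === "AWS::EC2::SecurityGroupIngress" && targetOf(r.Properties.GroupId) === sgId)
      rules.push(r.Properties);
  }
  return rules;
}

// Sources of rules on `sgId` that reach `port` without a peer security group.
function cidrIngress(t: Template, sgId: string, port: number): string[] {
  return ingressFor(t, sgId)
    .filter((r) => covers(r, port) && !r.SourceSecurityGroupId)
    .map((r) => r.CidrIp ?? r.CidrIpv6 ?? r.SourcePrefixListId ?? "unknown source");
}

// Constructed sample: one CIDR rule and one peer-scoped rule on the same group.
const sample: Template = { Resources: {
  DbSg: { Type: "AWS::EC2::SecurityGroup", Properties: {
    SecurityGroupIngress: [{ IpProtocol: "tcp", FromPort: 3306, ToPort: 3306, CidrIp: "0.0.0.0/0" }],
  } },
  DbSgFromAdmin: { Type: "AWS::EC2::SecurityGroupIngress", Properties: {
    IpProtocol: "tcp", FromPort: 3306, ToPort: 3306,
    GroupId: { "Fn::GetAtt": ["DbSg", "GroupId"] },
    SourceSecurityGroupId: { "Fn::GetAtt": ["AdminSg", "GroupId"] },
  } },
} };
console.log(cidrIngress(sample, "DbSg", 3306));
```

To use it on a real stack, load the JSON that `cdk synth` writes to `cdk.out` and pass the database security group's logical ID from that file.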
