发表新帖
发表新帖

How to specify all ports in Security group - CloudFormation

后端 未结
关注
3 1580
夕颜
夕颜 2021-02-07 00:21

I have my CloudFormation script like this now:

    \"SecurityGroupIngress\" : [{
      \"IpProtocol\" : \"tcp\",
      \"FromPort\" : \"0\",
      \"ToPort\" : \
相关标签:
3条回答
  • 时光说笑
    2021-02-07 00:57

    If you are looking to allow all protocols and all ports, then you can do the following

    {
  "IpProtocol" : "-1"
  "CidrIp" : "0.0.0.0/0"
}
    0 讨论(0)
  • 被撕碎了的回忆
    2021-02-07 01:18

    FromPort
    Start of port range for the TCP and UDP protocols, or an ICMP type number. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP type number).

    ToPort
    End of port range for the TCP and UDP protocols, or an ICMP code. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP code).

    ex.
    { "IpProtocol" : "icmp", "FromPort" : "8", "ToPort" : "-1", "CidrIp" : "10.0.0.0/24" }

    ref:
    https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html

    0 讨论(0)
  • 星月不相逢
    2021-02-07 01:23

    The original solution I posted (and accepted by the original poster) stopped working as AWS no longer supports it. To avoid the barrage of downvotes, I deleted the answer. The alternatives are:

    • Specify the ports 0 and 65535

    or

    Open all ports for all protocols not just TCP (as suggested by thewire247 below)

    "SecurityGroupIngress" : [{
  "IpProtocol" : "-1",
  "CidrIp" : "0.0.0.0/0"
}]
    0 讨论(0)
 看不清?
提交回复
热议问题