How to specify all ports in Security group - CloudFormation

夕颜 2021-02-07 00:21

I have my CloudFormation script like this now:

    "SecurityGroupIngress" : [{
      "IpProtocol" : "tcp",
      "FromPort" : "0",
      "ToPort" :


        
3 Answers
  • 2021-02-07 00:57

    If you are looking to allow all protocols and all ports, then you can do the following

    {
      "IpProtocol" : "-1",
      "CidrIp" : "0.0.0.0/0"
    }
    
  • 2021-02-07 01:18

    FromPort
    Start of port range for the TCP and UDP protocols, or an ICMP type number. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP type number).

    ToPort
    End of port range for the TCP and UDP protocols, or an ICMP code. If you specify icmp for the IpProtocol property, you can specify -1 as a wildcard (i.e., any ICMP code).

    ex.
    { "IpProtocol" : "icmp", "FromPort" : "8", "ToPort" : "-1", "CidrIp" : "10.0.0.0/24" }

    ref:
    https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html

  • 2021-02-07 01:23

    The original solution I posted (and accepted by the original poster) stopped working as AWS no longer supports it. To avoid the barrage of downvotes, I deleted the answer. The alternatives are:

    • Specify the ports 0 and 65535

    or

    • Open all ports for all protocols, not just TCP (as suggested by thewire247 below)

    "SecurityGroupIngress" : [{
      "IpProtocol" : "-1",
      "CidrIp" : "0.0.0.0/0"
    }]
    
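An added example, not part of the original answers: a small Python check for template review that flags the two "all ports" forms discussed above (`IpProtocol` `-1`, or tcp/udp with ports 0 to 65535) when the source is `0.0.0.0/0` or `::/0`. The function names and the sample template are constructed for illustration.

```python
import json

WORLD = {"0.0.0.0/0", "::/0"}  # any IPv4 / any IPv6 source

def _port(value):
    """Ports may be numbers or numeric strings; intrinsics such as Ref give None."""
    try:
        return int(value)
    except (TypeError, ValueError):
        return None

def rule_is_wide_open(rule):
    """True if the rule admits every port from any address."""
    sources = (rule.get("CidrIp"), rule.get("CidrIpv6"))
    if not any(isinstance(s, str) and s in WORLD for s in sources):
        return False
    proto = str(rule.get("IpProtocol", "")).lower()
    if proto == "-1":  # all protocols; any port range is ignored
        return True
    lo, hi = _port(rule.get("FromPort")), _port(rule.get("ToPort"))
    return (proto in ("tcp", "udp", "6", "17") and lo is not None
            and hi is not None and lo <= 1 and hi >= 65535)

def find_wide_open_ingress(template):
    """Return (logical_id, rule_index) for each offending ingress rule."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            rules = props.get("SecurityGroupIngress", [])  # inline rules
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            rules = [props]  # standalone rule resource
        else:
            continue
        findings += [(name, i) for i, r in enumerate(rules)
                     if isinstance(r, dict) and rule_is_wide_open(r)]
    return findings

# Constructed sample template (not from the page)
SAMPLE = json.loads("""{"Resources": {
  "WebSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": [
      {"IpProtocol": "-1", "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "tcp", "FromPort": "0", "ToPort": "65535", "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
      {"IpProtocol": "icmp", "FromPort": "8", "ToPort": "-1", "CidrIp": "10.0.0.0/24"}]}},
  "Extra": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
    "GroupId": {"Ref": "WebSg"}, "IpProtocol": "udp",
    "FromPort": 0, "ToPort": 65535, "CidrIpv6": "::/0"}}}}""")

if __name__ == "__main__":
    print(find_wide_open_ingress(SAMPLE))
```

Rules whose CIDR or ports come from an intrinsic function (for example `Ref`) cannot be resolved statically and are not flagged by this check.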