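I am building a CloudFormation JSON template to define EC2 instances and security groups. Allow every instance in the same security group to share any data with each other in CloudFormation JSON?
I need to create a security group that allows every instance that belongs to it to share any data with each other.
My JSON looked like this: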
    "InternalSecurityGroup" : {
      "Type" : "AWS::EC2::SecurityGroup",
      "Properties" : {
        "VpcId" : {"Ref" : "myVPC"},
        "GroupDescription" : "Allow the machines in this group to share all kinds of traffic between each other",
        "SecurityGroupIngress" : [
          {
            "IpProtocol" : "-1",
            "FromPort": "-1",
            "ToPort": "-1",
            "SourceSecurityGroupId" : { "Ref" : "InternalSecurityGroup" }
          }
        ],
        "SecurityGroupEgress" : [
          {
            "IpProtocol" : "-1",
            "FromPort": "-1",
            "ToPort": "-1",
            "DestinationSecurityGroupId" : { "Ref" : "InternalSecurityGroup" }
          }
        ]
      }
    },
But this gives me the following error:
A client error (ValidationError) occurred when calling the CreateStack operation: Circular dependency between resources
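To solve it, I changed my code to use CidrIp instead of SourceSecurityGroupId, defining the subnet the instances are in.
Is it possible to reference the same security group? What is the best (or correct) way to achieve what I want?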
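
One way to express the self-referencing rules without the circular dependency, as an added example that is not part of the original post: the rules move out of the group's own properties into separate `AWS::EC2::SecurityGroupIngress` and `AWS::EC2::SecurityGroupEgress` resources, so the group is created first and the rules then reference it. The resource names `InternalSecurityGroupIngress` and `InternalSecurityGroupEgress` are hypothetical; `InternalSecurityGroup` and `myVPC` come from the question, and `myVPC` is assumed to be defined elsewhere in the template.

```json
{
  "Resources" : {
    "InternalSecurityGroup" : {
      "Type" : "AWS::EC2::SecurityGroup",
      "Properties" : {
        "VpcId" : { "Ref" : "myVPC" },
        "GroupDescription" : "Allow the machines in this group to share all kinds of traffic between each other"
      }
    },
    "InternalSecurityGroupIngress" : {
      "Type" : "AWS::EC2::SecurityGroupIngress",
      "Properties" : {
        "GroupId" : { "Fn::GetAtt" : [ "InternalSecurityGroup", "GroupId" ] },
        "IpProtocol" : "-1",
        "SourceSecurityGroupId" : { "Fn::GetAtt" : [ "InternalSecurityGroup", "GroupId" ] }
      }
    },
    "InternalSecurityGroupEgress" : {
      "Type" : "AWS::EC2::SecurityGroupEgress",
      "Properties" : {
        "GroupId" : { "Fn::GetAtt" : [ "InternalSecurityGroup", "GroupId" ] },
        "IpProtocol" : "-1",
        "DestinationSecurityGroupId" : { "Fn::GetAtt" : [ "InternalSecurityGroup", "GroupId" ] }
      }
    }
  }
}
```

Because the group in this version declares no inline egress rules, EC2 still attaches its default allow-all egress rule, so the separate egress resource adds to that rule rather than restricting outbound traffic to the group.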