How to create SecurityGroupIngressSee original GitHub issue
Hi, This is mostly not a bug but how to go about it. How can we add SecurityGroupIngress or SecurityGroupEgress referring to SecurityGroup created part of the same stack. My requirement is to loop through rules(how many ever are input) and create them referring to the SG and not defining the rules inline with the SG as shown in examples. I am trying something like:
for r in rules: t.add_resource(SecurityGroupEgress=[ SecurityGroupRule( IpProtocol=r, FromPort=r, ToPort=r, CidrIp=r, ) ], GroupId=Ref(sg_name) )
I tried variations like
t.add_resource(SecurityGroupEgress( SecurityGroupRule( IpProtocol=r,
But am not able to find a way to declare/define SecurtiyGroupIngress or SecurtiyGroupEgress as a resource. I have to add the rules separately after defining the SG since I have to run loops.
Please help me what I might be missing.
Also, more of a generic question, what is the best way to use Python loops with troposphere. Obvious ways are in play since loops work for distinct add_resource and variable assignment works within add_resource but there’s no provision(expectedly) to run loops within add_resource.
- Created 8 years ago
- Comments:9 (4 by maintainers)
Top GitHub Comments
Sorry, I was getting confused due to dealing with both non-VPC and VPC security groups, which have different cloudformation requirements around using group names vs. IDs, surprisingly.