Implement SecurityGroupIngress and SecurityGroupEgress
AWS implements Security Group Rules as separate resources to the Security Group. This allows you to create rulesets referencing the parent group without issues caused by self-referential behavior.
Blueprint information
- Status:
- Complete
- Approver:
- Oleksii Chuprykov
- Priority:
- Low
- Drafter:
- Stephen Gran
- Direction:
- Approved
- Assignee:
- Dmitriy
- Definition:
- Approved
- Series goal:
- None
- Implementation:
- Implemented
- Milestone target:
- None
- Started by
- Oleksii Chuprykov
- Completed by
- Oleksii Chuprykov
Related branches
Related bugs
Sprints
Whiteboard
You might want a template snippet that looks like this for your proxy servers:
"SquidSecurityG
"Type" : "AWS::EC2:
"Properties" : {
"
"
}]
}
This is currently not possible, since rules are not separate from the containing groups, so heat cannot order them appropriately.
(therve) FWIW, we solved that issue for OS::Neutron:
Gerrit topic: https:/
Addressed by: https:/
Add new resource Security Group Rule