Terraform EC2: port not reachable and no ping

I want to launch an EC2 instance that is reachable from the internet.

resource "aws_internet_gateway" "ig" {
  vpc_id = aws_vpc.vpc.id
  tags = {
    Name = "main"
  }
}

resource "aws_vpc" "vpc" {
  cidr_block = "10.0.0.0/16"
}

resource "aws_subnet" "subnet" {
  vpc_id                  = aws_vpc.vpc.id
  # count.index was referenced without a count argument; carve out a single /24 (index 0) instead
  cidr_block              = cidrsubnet(aws_vpc.vpc.cidr_block, 8, 0)
  availability_zone       = "us-east-1a"
  map_public_ip_on_launch = true
}

resource "aws_security_group" "security" {
  name   = "security"
  vpc_id = aws_vpc.vpc.id

  # ICMP type 8, code 0 (echo request): ping is allowed, but only from inside the VPC
  ingress {
    from_port   = 8
    to_port     = 0
    protocol    = "icmp"
    cidr_blocks = [aws_vpc.vpc.cidr_block]
  }

  # TCP 8080, again only from the VPC's own address range
  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = [aws_vpc.vpc.cidr_block]
  }

  # all outbound traffic allowed
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "applications" {
  ami                    = "ami-08c40ec9ead489470"
  instance_type          = "t2.micro"
  vpc_security_group_ids = [aws_security_group.security.id]
  subnet_id              = aws_subnet.subnet.id
  depends_on             = [aws_internet_gateway.ig]
}

But telnet to port 8080 does not work, and the server does not answer pings either. I cannot seem to reach the EC2 instance from the internet.

You cannot connect to your instance from outside AWS because your ingress rules forbid it, since:

cidr_blocks = [aws_vpc.vpc.cidr_block]

This restricts access to sources inside the VPC only.

For internet access it must be

cidr_blocks = ["0.0.0.0/0"]
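A complete corrected configuration, added here as an example and not part of the question or the answer above. It applies the answer's change (source `0.0.0.0/0`) to exactly the two rules that were tested, ICMP echo request and TCP 8080, and leaves every other port closed. It also adds a route table with a default route to the internet gateway and associates it with the subnet; the page does not mention this, and it is an assumption on my part that the asker's VPC has no such route yet, but without one the instance cannot be reached from the internet even with the security group open. Resource names `public` and the `description` attributes are my own choices.

```hcl
# Added example, not the asker's or answerer's code.
# Assumes the aws_vpc.vpc, aws_subnet.subnet and aws_internet_gateway.ig
# resources from the question exist unchanged.

# Default route: send non-VPC traffic from the subnet to the internet gateway.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.vpc.id

  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.ig.id
  }
}

resource "aws_route_table_association" "public" {
  subnet_id      = aws_subnet.subnet.id
  route_table_id = aws_route_table.public.id
}

# Security group opened to the internet only for what is actually needed.
resource "aws_security_group" "security" {
  name   = "security"
  vpc_id = aws_vpc.vpc.id

  # ICMP type 8, code 0 (echo request) so the host answers ping.
  ingress {
    description = "ICMP echo request"
    from_port   = 8
    to_port     = 0
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # The application port; nothing else (SSH, RDP, ...) is exposed.
  ingress {
    description = "application port 8080"
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

If the service only needs to be reached from known networks, replace `0.0.0.0/0` on the 8080 rule with those CIDR ranges; the default route is what makes the subnet public, the security group is what decides which sources may talk to the instance.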