Creating EC2 Ingress rule in C#

0

I'm trying to create an ingress rule in C# and I'm getting an error at runtime. Here's the relevant code:

        ///////////BEGIN Set Vars//////////////////////
        ///////////////////////////////////////////////
        Amazon.EC2.AmazonEC2Client ec2Client = new Amazon.EC2.AmazonEC2Client();
        Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest secRequest = new Amazon.EC2.Model.AuthorizeSecurityGroupIngressRequest();
        Amazon.EC2.Model.IpPermission ipPerm = new Amazon.EC2.Model.IpPermission();
        Amazon.EC2.Model.IpRange ipRange = new Amazon.EC2.Model.IpRange();
        List<Amazon.EC2.Model.IpPermission> ipRangeList = new List<Amazon.EC2.Model.IpPermission>();

        ///////////////////////////////////////////////
        ///////////END Set Vars////////////////////////
        ///////////////////////////////////////////////


        ///////////////////////////////////////////////
        ///////////BEGIN IP Range//////////////////////
        ///////////////////////////////////////////////

        ipRange.CidrIp = "5.5.5.10/32";
        ipRange.Description = "My new IP rule";
        ipRangeList.Add(ipPerm);
        ///////////////////////////////////////////////
        ///////////END IP Range////////////////////////
        ///////////////////////////////////////////////


        ///////////////////////////////////////////////
        ///////////BEGIN IP Perms//////////////////////
        ///////////////////////////////////////////////
        ipPerm.IpProtocol = "tcp";
        ipPerm.ToPort = 3389;
        ipPerm.FromPort = 3389;
        ipPerm.Ipv4Ranges.AddRange((IEnumerable<Amazon.EC2.Model.IpRange>)ipRangeList);
        ///////////////////////////////////////////////
        ///////////END IP Perms////////////////////////
        ///////////////////////////////////////////////

If I just try to add ipRange as a range to ipPerm, the precompiler complains that it needs to be type of List<Amazon.EC2.Model.IpPermission>.

When I use the code above and cast it to List<Amazon.EC2.Model.IpPermission>, the precompiler gets happy, but I get a runtime error:

        Message=Unable to cast object of type 'System.Collections.Generic.List`1[Amazon.EC2.Model.IpPermission]' to type 'System.Collections.Generic.IEnumerable`1[Amazon.EC2.Model.IpRange]'.
        Source=System.Private.CoreLib
        StackTrace:
           at System.Runtime.CompilerServices.CastHelpers.ChkCastAny(Void* toTypeHnd, Object obj)
           at AWSFirewall.Program.Main(String[] args) in C:\Users\SeanMcCown\source\repos\AWSFirewall\Program.cs:line 44

asked 2 years ago · 241 views
1 Answer
1

You are trying to cast incompatible types, so the .NET runtime generates an exception. You want to add a list of IpPermission objects into a list of IpRange objects, which is not possible.

Please refer to the AWS SDK documentation about Updating security groups.

There, you can find a code snippet that shows you how to add an ingress rule to a security group:

async Task AddIngressRuleAsync(IAmazonEC2 eC2Client, string groupID, string ipAddress, int port)
{
  // Create an object to hold the request information for the rule.
  // It uses an IpPermission object to hold the IP information for the rule.
  var ingressRequest = new AuthorizeSecurityGroupIngressRequest { GroupId = groupID };
  ingressRequest.IpPermissions.Add(new IpPermission
  {
    IpProtocol = "tcp",
    FromPort = port,
    ToPort = port,
    Ipv4Ranges = new List<IpRange> { new IpRange { CidrIp = ipAddress } }
  });

  // Create the inbound rule for the security group
  var responseIngress = await eC2Client.AuthorizeSecurityGroupIngressAsync(ingressRequest);
  Console.WriteLine($"\nNew RDP rule was written in {groupID} for {ipAddress}.");
  Console.WriteLine($"Result: {responseIngress.HttpStatusCode}");
}

You can then use this method to update the security group with your desired permissions:

var ec2Client = new Amazon.EC2.AmazonEC2Client();
var sgId = "your-security-group-id";
var cidr = "5.5.5.10/32";
var port = 3389;
await AddIngressRuleAsync(ec2Client, sgId, cidr, port);
AWS
answered 2 years ago
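
The rule from the question with the types lined up, as an added example that is not part of the original answer or the AWS documentation. It keeps the `Description` from the question, refuses overly broad source ranges before anything is sent, and treats EC2's `InvalidPermission.Duplicate` error as "rule already present". The class and method names and the `MinPrefixLength` policy are assumptions made for this example.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Sockets;
using System.Threading.Tasks;
using Amazon.EC2;
using Amazon.EC2.Model;

static class RdpIngress
{
    // Hypothetical policy for this example: only narrow IPv4 sources may reach RDP.
    const int MinPrefixLength = 24;

    // Builds the request with each object in the collection that expects it:
    // IpRange -> IpPermission.Ipv4Ranges, IpPermission -> request.IpPermissions.
    public static AuthorizeSecurityGroupIngressRequest BuildRequest(
        string groupId, string cidr, string description, int port = 3389)
    {
        var parts = cidr.Split('/');
        if (parts.Length != 2
            || !IPAddress.TryParse(parts[0], out var addr)
            || addr.AddressFamily != AddressFamily.InterNetwork
            || !int.TryParse(parts[1], out var prefix)
            || prefix < MinPrefixLength || prefix > 32)
            throw new ArgumentException($"Refusing source range '{cidr}' for port {port}.", nameof(cidr));

        var range = new IpRange { CidrIp = cidr, Description = description };
        var perm = new IpPermission
        {
            IpProtocol = "tcp",
            FromPort = port,
            ToPort = port,
            Ipv4Ranges = new List<IpRange> { range }   // a list of IpRange, not IpPermission
        };
        return new AuthorizeSecurityGroupIngressRequest
        {
            GroupId = groupId,
            IpPermissions = new List<IpPermission> { perm }
        };
    }

    // Returns true if the rule was created, false if an identical rule already existed.
    public static async Task<bool> EnsureRuleAsync(IAmazonEC2 ec2, AuthorizeSecurityGroupIngressRequest request)
    {
        try { await ec2.AuthorizeSecurityGroupIngressAsync(request); return true; }
        catch (AmazonEC2Exception e) when (e.ErrorCode == "InvalidPermission.Duplicate") { return false; }
    }
}
```

With the values from the question, `BuildRequest(sgId, "5.5.5.10/32", "My new IP rule")` passes the check, while `"0.0.0.0/0"` throws before any API call is made.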
