0
votes

I am creating a basic security group using CloudFormation on AWS, but I am getting a "Property IpProtocol cannot be empty." error. Following is the YAML code I am running:

Resources:
  testsecuritygroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupName: test-group
      GroupDescription: test security group
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
        - SourceSecurityGroupId: sg-xxxxxxxxxx
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0
      Tags:
        - Key: group
          Value: test
      VpcId: !ImportValue VPC

When I run the create-stack command it runs successfully, but the stack is rolled back with CREATE_FAILED status and the "Property IpProtocol cannot be empty" error. What am I doing wrong here?

2
Hello there, are you sure that this error concerns exactly this security group? Don't you have any other SG in CloudFormation? - Yupik
Thank you, I resolved the issue. I will post an answer soon. - bot

2 Answers

2
votes

I resolved this issue. To add a security group, we have to create an ingress rule and attach it to the security group instead of defining it in the security group.

Resources:
  test:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !ImportValue VPC
      GroupName: test-group
      GroupDescription: test security group
      SecurityGroupEgress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: group
          Value: test
  TestInboundRule:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !GetAtt test.GroupId
      IpProtocol: tcp
      FromPort: 80
      ToPort: 80
      SourceSecurityGroupId: sg-xxxxxxxxx
1
votes

Your CIDR is not valid. It should be 0.0.0.0/0.
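Both answers above point at a rule that CloudFormation will only reject after the stack is already half-created and rolling back. Each item under SecurityGroupIngress or SecurityGroupEgress is an independent rule, so the question's second list item (`- SourceSecurityGroupId: ...`) is a rule with no IpProtocol, and `0.0.0.0` without a prefix length is not a CIDR that EC2 accepts. The following pre-deploy lint is an added example written for this page, not code from any answerer or from AWS. It assumes the template is in CloudFormation's JSON form (so only the standard library is needed; `Fn::ImportValue` and `Fn::GetAtt` are the JSON spellings of `!ImportValue` and `!GetAtt`), and the two embedded templates are constructed copies of the question's template and the accepted answer's layout. It reports the three defects in the original, reports nothing fatal for the fixed version, and additionally warns where a rule matches every IPv4 address, which is the check a reviewer usually wants alongside validity.

```python
import ipaddress
import json

# Constructed JSON forms of the two templates on this page. BROKEN keeps the two
# defects the question hit; FIXED follows the accepted answer's layout.
BROKEN_TEMPLATE = json.dumps({"Resources": {"testsecuritygroup": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {
        "GroupName": "test-group", "GroupDescription": "test security group",
        "SecurityGroupIngress": [
            {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80},
            {"SourceSecurityGroupId": "sg-xxxxxxxxxx"}],   # separate rule, no IpProtocol
        "SecurityGroupEgress": [
            {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0"}],
        "VpcId": {"Fn::ImportValue": "VPC"}}}}})

FIXED_TEMPLATE = json.dumps({"Resources": {
    "test": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "VpcId": {"Fn::ImportValue": "VPC"}, "GroupName": "test-group",
        "GroupDescription": "test security group",
        "SecurityGroupEgress": [
            {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0/0"}]}},
    "TestInboundRule": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
        "GroupId": {"Fn::GetAtt": ["test", "GroupId"]}, "IpProtocol": "tcp",
        "FromPort": 80, "ToPort": 80, "SourceSecurityGroupId": "sg-xxxxxxxxx"}}}})

# A rule must name exactly one peer (a source for ingress, a destination for egress).
PEER_KEYS = ("CidrIp", "CidrIpv6", "SourceSecurityGroupId", "SourcePrefixListId",
             "DestinationSecurityGroupId", "DestinationPrefixListId")
STANDALONE_RULE_TYPES = ("AWS::EC2::SecurityGroupIngress", "AWS::EC2::SecurityGroupEgress")


def check_rule(location, rule):
    """Return (errors, warnings) for one ingress/egress rule dictionary."""
    errors, warnings = [], []
    proto = rule.get("IpProtocol")
    if proto in (None, ""):
        errors.append(f"{location}: IpProtocol cannot be empty")
    elif str(proto) in ("tcp", "udp", "6", "17"):
        lo, hi = rule.get("FromPort"), rule.get("ToPort")
        if lo is None or hi is None:
            errors.append(f"{location}: FromPort and ToPort are required for {proto}")
        elif not 0 <= int(lo) <= int(hi) <= 65535:
            errors.append(f"{location}: invalid port range {lo}-{hi}")
    peers = [k for k in PEER_KEYS if k in rule]
    if len(peers) != 1:
        errors.append(f"{location}: exactly one peer is required, found {peers or 'none'}")
    cidr = rule.get("CidrIp")
    if cidr is not None:
        # EC2 rejects a bare address: the prefix length is mandatory. ipaddress would
        # silently read "0.0.0.0" as a /32, so the "/" is checked explicitly first.
        if "/" not in str(cidr):
            errors.append(f"{location}: CidrIp {cidr!r} is missing its prefix length")
        else:
            try:
                net = ipaddress.IPv4Network(cidr, strict=False)
            except ValueError:
                errors.append(f"{location}: CidrIp {cidr!r} is not a valid IPv4 CIDR")
            else:
                if net.prefixlen == 0:
                    warnings.append(f"{location}: {cidr} matches every IPv4 address")
    return errors, warnings


def lint_template(template_json):
    """Lint every security-group rule in a JSON CloudFormation template.

    Returns strings prefixed 'ERROR' (CloudFormation would reject the rule) or
    'WARN' (valid, but worth a second look before deploying)."""
    findings = []

    def record(location, rule):
        errors, warnings = check_rule(location, rule)
        findings.extend(f"ERROR {e}" for e in errors)
        findings.extend(f"WARN {w}" for w in warnings)

    for name, resource in json.loads(template_json).get("Resources", {}).items():
        rtype, props = resource.get("Type", ""), resource.get("Properties", {})
        if rtype == "AWS::EC2::SecurityGroup":
            for key in ("SecurityGroupIngress", "SecurityGroupEgress"):
                for i, rule in enumerate(props.get(key, [])):
                    record(f"{name}.{key}[{i}]", rule)
        elif rtype in STANDALONE_RULE_TYPES:
            if "GroupId" not in props and "GroupName" not in props:
                findings.append(f"ERROR {name}: GroupId or GroupName is required")
            record(name, props)
    return findings


if __name__ == "__main__":
    for label, template in (("broken", BROKEN_TEMPLATE), ("fixed", FIXED_TEMPLATE)):
        print(f"--- {label} ---")
        for finding in lint_template(template) or ["no findings"]:
            print(finding)
```

Run as a script, the broken template yields three ERROR lines (the first ingress item has no peer, the second has no IpProtocol, the egress CidrIp lacks a prefix length) and the fixed template yields one WARN for the `0.0.0.0/0` egress. A YAML template can be fed to the same `lint_template` after conversion to JSON, for instance with `aws cloudformation get-template` on an already-uploaded template or any YAML loader that understands the `!ImportValue`-style short tags.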