- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Use the Security Group component to represent security groups from your Amazon Web Services architecture.
Use the toolbar to configure and customize the component. The following options are available:
Use the Cloudcraft API to programmatically access and render your architecture diagrams as JSON objects.
The following is an example JSON of a Security Group component:
{
"type": "sg",
"id": "a699dbeb-2fe5-49a5-beea-b24695c247e4",
"region": "us-east-1",
"name": "cloudcraft-sg-example",
"shape": "dynamic",
"padding": 1.5,
"nodes": [
"e99bad32-82f6-49a7-b145-11963a3d7775"
],
"inboundRules": [
{
"portRange": "80",
"protocol": "tcp",
"target": "bc883fec-e97c-4c27-b9a7-64e3d154452b",
"targetType": "sg",
"description": "HTTP Traffic",
"hidden": false
},
{
"portRange": "443",
"protocol": "tcp",
"target": "bc883fec-e97c-4c27-b9a7-64e3d154452b",
"targetType": "sg",
"description": "HTTPS Traffic",
"hidden": false
},
{
"portRange": "22",
"protocol": "tcp",
"target": "65e16268-d9ee-440a-9a4d-29b92520572e",
"targetType": "sg",
"description": "Bastion server",
"hidden": false
}
],
"outboundRules": [
{
"portRange": "25",
"protocol": "tcp",
"target": "199.255.192.0/22",
"targetType": "ip",
"description": "AWS SES",
"hidden": false
}
],
"color": {
"isometric": "#4286c5",
"2d": "#4286c5"
},
"link": "blueprint://33a8bf46-7326-4999-ba0a-789bcd94f0a2",
"locked": true
}
uuid
format.cn-
regions.dynamic
or rectangular
.1.5
.nodes
for more information.inboundRules
and outboundRules
for more information.inboundRules
and outboundRules
for more information.blueprint://ID
format or to an external website using the https://LINK
format.true
, changes made to the component using the application are disabled until unlocked.nodes
The nodes
key accepts an array of unique identifiers for the components inside the security group.
The following AWS components can be added to a security group:
asg, ec2, lambda, efs, fsx, elb, rds, docdb, elasticache, redshift, es
In addition to the AWS components, the following common components can also be added to security groups:
block, isotext, icon, image, area
inboundRules
and outboundRules
The inboundRules
and outboundRules
keys accept an array with rules represented by JSON objects.
{
"inboundRules": [
{
"portRange": "22",
"protocol": "tcp",
"target": "192.0.2.0/24",
"targetType": "ip",
"description": "RFC 5737",
"hidden": false
}
],
"outboundRules": [
{
"portRange": "25",
"protocol": "tcp",
"target": "199.255.192.0/22",
"targetType": "ip",
"description": "AWS SES",
"hidden": false
}
]
}
42000-42222
.id
of a security group that is the source of traffic to the components.target
. Accepted values are ip
or sg
.true
, the inbound or outbound rule is not displayed in the diagram. See the component image at the top of the page to see how it is displayed. Defaults to false
.