Information about IAM roles, subnets, and security groups needed for this DataflowEndpointGroup.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
"RoleArn" : String,
"SecurityGroupIds" : [ String, ... ],
"SubnetIds" : [ String, ... ]
}
YAML
RoleArn: String
SecurityGroupIds:
- String
SubnetIds:
- String
Properties
RoleArn-
The ARN of a role which Ground Station has permission to assume, such as
arn:aws:iam::1234567890:role/DataDeliveryServiceRole.Ground Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact.
Required: No
Type: String
Pattern:
^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$Update requires: Replacement
SecurityGroupIds-
The security group Ids of the security role, such as
sg-1234567890abcdef0.Required: No
Type: Array of String
Update requires: Replacement
SubnetIds-
The subnet Ids of the security details, such as
subnet-12345678.Required: No
Type: Array of String
Update requires: Replacement
Examples
Create SecurityDetails
The following example creates Ground Station SecurityDetails
JSON
{
"SecurityDetails": {
"SubnetIds": [
"subnet-6782e71e"
],
"SecurityGroupIds": [
"sg-6979fe18"
],
"RoleArn": "arn:aws:iam::012345678910:role/groundstation-service-role-AWSServiceRoleForAmazonGroundStation-EXAMPLEBQ4PI"
}
}YAML
SecurityDetails:
SubnetIds:
- subnet-12345678
SecurityGroupIds:
- sg-87654321
RoleArn: arn:aws:iam::012345678910:role/groundstation-service-role-AWSServiceRoleForAmazonGroundStation-EXAMPLEABCDE