.2 Network Interface (ENI) 建模
// Sample ENI for the NAT gateway. Each statement ends with ';', so the
// variable (eni1) is local to its own statement.
// NOTE(review): Neo4j accepts only primitives and arrays of primitives as
// property values. If this script targets Neo4j, the nested `tag` map will be
// rejected and needs flattening (for example tag_environment) or separate
// nodes. Confirm the target engine.
// NOTE(review): CREATE (not MERGE) adds a second node with the same id if the
// script is re-run; no uniqueness constraint is visible in this part.
CREATE (eni1:NetworkInterface {
    id: "eni-12345abc",
    name: "nat-gateway-eni-1a",
    // "nat_gateway" here vs "nat-gateway" in tag.attached_resource below:
    // the spelling differs, so filters on one will not match the other.
    type: "nat_gateway",
    status: "in-use",

    // Placement
    vpc_id: "vpc-12345678",
    subnet_id: "subnet-abc12345",
    az: "cn-north-1a",

    // Addressing
    private_ip: "10.0.1.100",
    // NOTE(review): the "ec2.internal" suffix is the us-east-1 form; other
    // regions use a region-specific suffix. Confirm against az.
    private_dns: "ip-10-0-1-100.ec2.internal",

    // Security posture
    // NOTE(review): AWS does not allow security groups on NAT gateways, and no
    // SecurityGroup node with this id is created in the visible part; confirm
    // whether this reference is intended.
    security_groups: ["sg-nat12345"],
    // false is expected on a NAT interface, which forwards traffic not
    // addressed to itself; compare with eni2, where it is true.
    source_dest_check: false,

    tag: {
        attached_resource: "nat-gateway",
        environment: "production"
    },

    created_at: datetime(),
    updated_at: datetime()
});

// Sample ENI of type "instance", named "web-server-eni". It sits in the same
// VPC, subnet and AZ as eni1 and carries the web security group's id.
CREATE (eni2:NetworkInterface {
    id: "eni-67890def",
    name: "web-server-eni",
    type: "instance",
    status: "in-use",

    // Placement
    vpc_id: "vpc-12345678",
    subnet_id: "subnet-abc12345",
    az: "cn-north-1a",

    // Addressing
    private_ip: "10.0.1.50",
    private_dns: "ip-10-0-1-50.ec2.internal",

    // Security posture: the group is referenced by id string only; any
    // relationship to the SecurityGroup node would be created elsewhere.
    security_groups: ["sg-web12345"],
    source_dest_check: true,

    tag: {
        attached_resource: "ec2_instance",
        environment: "production"
    },

    created_at: datetime(),
    updated_at: datetime()
});

// 8.3 NAT Gateway modeling
// private_ip and network_interface_id repeat the values stored on the ENI
// node "eni-12345abc". They are plain properties here, so nothing in this
// statement keeps the two nodes in sync.
// NOTE(review): Neo4j does not accept a map as a property value; the nested
// `tag` map needs flattening if that is the target engine. Confirm.
CREATE (nat1:NatGateway {
    id: "nat-12345abc",
    name: "production-nat-1a",
    // NOTE(review): cn-north-1 belongs to the aws-cn partition, so a real ARN
    // for this region would not start with "arn:aws:". Matching collected
    // ARNs against this value would miss; confirm the sample.
    arn: "arn:aws:ec2:cn-north-1:123456789012:natgateway/nat-12345abc",
    status: "available",

    // Addressing: the public side is the egress address for the private
    // subnets (see tag.purpose).
    public_ip: "54.123.45.67",
    eip_allocation_id: "eipalloc-12345abc",
    private_ip: "10.0.1.100",

    // Attachments, stored as id strings
    associated_vpc: "vpc-12345678",
    associated_subnet: "subnet-abc12345",
    network_interface_id: "eni-12345abc",

    tag: {
        environment: "production",
        purpose: "private_subnet_internet_access",
        tier: "networking"
    },

    created_at: datetime(),
    updated_at: datetime()
});

// 8.4 Security Group modeling
// Three groups, one per tier (web, application, database), all in
// vpc-12345678. The group nodes carry no rules; rules are separate
// SecurityRule nodes.
// NOTE(review): the VPC key is `associated_vpc_id` here, while
// NetworkInterface uses `vpc_id` and NatGateway uses `associated_vpc`.
// Cross-label queries have to account for all three names.
// NOTE(review): Neo4j does not accept a map as a property value; the nested
// `tag` maps need flattening if that is the target engine. Confirm.

// Web tier: this id is referenced by eni2.security_groups and by the
// source of rule "rule-app-from-web".
CREATE (sg_web:SecurityGroup {
    id: "sg-web12345",
    name: "production-web-sg",
    description: "Security group for web servers",
    status: "active",
    associated_vpc_id: "vpc-12345678",
    tag: {
        environment: "production",
        tier: "web",
        application: "frontend"
    },
    created_at: datetime(),
    updated_at: datetime()
});

// Application tier
CREATE (sg_app:SecurityGroup {
    id: "sg-app67890",
    name: "production-app-sg",
    description: "Security group for application servers",
    status: "active",
    associated_vpc_id: "vpc-12345678",
    tag: {
        environment: "production",
        tier: "application",
        application: "backend"
    },
    created_at: datetime(),
    updated_at: datetime()
});

// Database tier
CREATE (sg_db:SecurityGroup {
    id: "sg-db11111",
    name: "production-db-sg",
    description: "Security group for database servers",
    status: "active",
    associated_vpc_id: "vpc-12345678",
    tag: {
        environment: "production",
        tier: "database",
        application: "mysql"
    },
    created_at: datetime(),
    updated_at: datetime()
});

// 8.5 Security Rules modeling (standalone nodes)
// Web Security Group Rules
// The rule nodes hold no property naming the group they belong to; the
// "rule-web-" id prefix is the only visible hint. Presumably the link is a
// relationship created elsewhere; verify, since an unlinked rule cannot be
// attributed to a group in exposure queries.
// NOTE(review): port_range is a string ("80", "443", "all"), so numeric range
// comparisons over ports need parsing first. Only IPv4 CIDRs appear here; an
// IPv6 any-source rule would need its own representation.

// Inbound HTTP open to any IPv4 source (internet-exposed).
CREATE (rule1:SecurityRule {
    id: "rule-web-http-in",
    description: "HTTP from anywhere",
    status: "active",
    rule_action: "allow",
    direction: "inbound",
    protocol: "tcp",
    port_range: "80",
    source_type: "cidr",
    source: "0.0.0.0/0",
    created_at: datetime(),
    updated_at: datetime()
});

// Inbound HTTPS open to any IPv4 source (internet-exposed).
CREATE (rule2:SecurityRule {
    id: "rule-web-https-in",
    description: "HTTPS from anywhere",
    status: "active",
    rule_action: "allow",
    direction: "inbound",
    protocol: "tcp",
    port_range: "443",
    source_type: "cidr",
    source: "0.0.0.0/0",
    created_at: datetime(),
    updated_at: datetime()
});

// Unrestricted egress. For an outbound rule, `source` / `source_type` hold
// the peer the traffic goes to, i.e. the destination; queries that read
// `source` must check `direction` first.
CREATE (rule3:SecurityRule {
    id: "rule-web-all-out",
    description: "All outbound traffic",
    status: "active",
    rule_action: "allow",
    direction: "outbound",
    protocol: "all",
    port_range: "all",
    source_type: "cidr",
    source: "0.0.0.0/0",
    created_at: datetime(),
    updated_at: datetime()
});

// App Security Group Rules
CREATE (rule4:SecurityRule {
id: "rule-app-from-web",
direction: "inbound",
protocol: "tcp",
port_range: "8080",
source_type: "security_group",
source: "sg-web12345",
description:
 
 