pulumi-aws-kotlin/com.pulumi.aws.vpc.kotlin/SecurityGroupEgressRule

SecurityGroupEgressRule

class SecurityGroupEgressRule : KotlinCustomResource

Manages an outbound (egress) rule for a security group. When specifying an outbound rule for your security group in a VPC, the configuration must include a destination for the traffic.

NOTE on Security Groups and Security Group Rules: this provider currently provides a Security Group resource with ingress and egress rules defined in-line and a Security Group Rule resource which manages one or more ingress or egress rules. Both of these resource were added before AWS assigned a security group rule unique ID, and they do not work well in all scenarios using thedescription and tags attributes, which rely on the unique ID. The aws.vpc.SecurityGroupEgressRule resource has been added to address these limitations and should be used for all new security group rules. You should not use the aws.vpc.SecurityGroupEgressRule resource in conjunction with an aws.ec2.SecurityGroup resource with in-line rules or with aws.ec2.SecurityGroupRule resources defined for the same Security Group, as rule conflicts may occur and rules will be overwritten.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.vpc.SecurityGroupEgressRule("example", {
    securityGroupId: exampleAwsSecurityGroup.id,
    cidrIpv4: "10.0.0.0/8",
    fromPort: 80,
    ipProtocol: "tcp",
    toPort: 80,
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.vpc.SecurityGroupEgressRule("example",
    security_group_id=example_aws_security_group["id"],
    cidr_ipv4="10.0.0.0/8",
    from_port=80,
    ip_protocol="tcp",
    to_port=80)
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Vpc.SecurityGroupEgressRule("example", new()
    {
        SecurityGroupId = exampleAwsSecurityGroup.Id,
        CidrIpv4 = "10.0.0.0/8",
        FromPort = 80,
        IpProtocol = "tcp",
        ToPort = 80,
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := vpc.NewSecurityGroupEgressRule(ctx, "example", &vpc.SecurityGroupEgressRuleArgs{
			SecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),
			CidrIpv4:        pulumi.String("10.0.0.0/8"),
			FromPort:        pulumi.Int(80),
			IpProtocol:      pulumi.String("tcp"),
			ToPort:          pulumi.Int(80),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.vpc.SecurityGroupEgressRule;
import com.pulumi.aws.vpc.SecurityGroupEgressRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new SecurityGroupEgressRule("example", SecurityGroupEgressRuleArgs.builder()
            .securityGroupId(exampleAwsSecurityGroup.id())
            .cidrIpv4("10.0.0.0/8")
            .fromPort(80)
            .ipProtocol("tcp")
            .toPort(80)
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:vpc:SecurityGroupEgressRule
    properties:
      securityGroupId: ${exampleAwsSecurityGroup.id}
      cidrIpv4: 10.0.0.0/8
      fromPort: 80
      ipProtocol: tcp
      toPort: 80
Content copied to clipboard

Import

Using pulumi import, import security group egress rules using the security_group_rule_id. For example:

$ pulumi import aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule example sgr-02108b27edd666983
Content copied to clipboard

Properties

Link copied to clipboard
val arn: Output<String>

The Amazon Resource Name (ARN) of the security group rule.

Link copied to clipboard
val cidrIpv4: Output<String>?

The destination IPv4 CIDR range.

Link copied to clipboard
val cidrIpv6: Output<String>?

The destination IPv6 CIDR range.

Link copied to clipboard
val description: Output<String>?

The security group rule description.

Link copied to clipboard
val fromPort: Output<Int>?

The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val ipProtocol: Output<String>

The IP protocol name or number. Use -1 to specify all protocols. Note that if ip_protocol is set to -1, it translates to all protocols, all port ranges, and from_port and to_port values should not be defined.

Link copied to clipboard
val prefixListId: Output<String>?

The ID of the destination prefix list.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val referencedSecurityGroupId: Output<String>?

The destination security group that is referenced in the rule.

Link copied to clipboard
val securityGroupId: Output<String>

The ID of the security group.

Link copied to clipboard
val securityGroupRuleId: Output<String>

The ID of the security group rule.

Link copied to clipboard
val tags: Output<Map<String, String>>?

A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Link copied to clipboard
val tagsAll: Output<Map<String, String>>

A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

Link copied to clipboard
val toPort: Output<Int>?

The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code.

Link copied to clipboard
val urn: Output<String>