Security
Manages an inbound (ingress) rule for a security group. When specifying an inbound rule for your security group in a VPC, the configuration must include a source for the traffic.
NOTE on Security Groups and Security Group Rules: this provider currently provides a Security Group resource with
ingressandegressrules defined in-line and a Security Group Rule resource which manages one or moreingressoregressrules. Both of these resource were added before AWS assigned a security group rule unique ID, and they do not work well in all scenarios using thedescriptionandtagsattributes, which rely on the unique ID. Theaws.vpc.SecurityGroupIngressRuleresource has been added to address these limitations and should be used for all new security group rules. You should not use theaws.vpc.SecurityGroupIngressRuleresource in conjunction with anaws.ec2.SecurityGroupresource with in-line rules or withaws.ec2.SecurityGroupRuleresources defined for the same Security Group, as rule conflicts may occur and rules will be overwritten.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.vpc.SecurityGroupIngressRule;
import com.pulumi.aws.vpc.SecurityGroupIngressRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new SecurityGroupIngressRule("example", SecurityGroupIngressRuleArgs.builder()
.securityGroupId(aws_security_group.example().id())
.cidrIpv4("10.0.0.0/8")
.fromPort(80)
.ipProtocol("tcp")
.toPort(80)
.build());
}
}Import
Using pulumi import, import security group ingress rules using the security_group_rule_id. For example:
$ pulumi import aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule example sgr-02108b27edd666983