SecurityGroupAssociation

class SecurityGroupAssociation : KotlinCustomResource

Provides a resource to create an association between a VPC endpoint and a security group.

NOTE on VPC Endpoints and VPC Endpoint Security Group Associations: The provider provides both a standalone VPC Endpoint Security Group Association (an association between a VPC endpoint and a single security_group_id) and a VPC Endpoint resource with a security_group_ids attribute. Do not use the same security group ID in both a VPC Endpoint resource and a VPC Endpoint Security Group Association resource. Doing so will cause a conflict of associations and will overwrite the association.

Example Usage

Basic usage:

TypeScript:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const sgEc2 = new aws.ec2.SecurityGroupAssociation("sg_ec2", {
    vpcEndpointId: ec2.id,
    securityGroupId: sg.id,
});

Python:

import pulumi
import pulumi_aws as aws

sg_ec2 = aws.ec2.SecurityGroupAssociation("sg_ec2",
    vpc_endpoint_id=ec2["id"],
    security_group_id=sg["id"])

C#:

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() =>
{
    var sgEc2 = new Aws.Ec2.SecurityGroupAssociation("sg_ec2", new()
    {
        VpcEndpointId = ec2.Id,
        SecurityGroupId = sg.Id,
    });
});

Go:

package main

import (
    "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := ec2.NewSecurityGroupAssociation(ctx, "sg_ec2", &ec2.SecurityGroupAssociationArgs{
            VpcEndpointId:   pulumi.Any(ec2.Id),
            SecurityGroupId: pulumi.Any(sg.Id),
        })
        if err != nil {
            return err
        }
        return nil
    })
}

Java:

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.SecurityGroupAssociation;
import com.pulumi.aws.ec2.SecurityGroupAssociationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var sgEc2 = new SecurityGroupAssociation("sgEc2", SecurityGroupAssociationArgs.builder()
            .vpcEndpointId(ec2.id())
            .securityGroupId(sg.id())
            .build());
    }
}

YAML:

resources:
  sgEc2:
    type: aws:ec2:SecurityGroupAssociation
    name: sg_ec2
    properties:
      vpcEndpointId: ${ec2.id}
      securityGroupId: ${sg.id}

Import

Using pulumi import, import VPC Endpoint Security Group Associations using vpc_endpoint_id together with security_group_id. For example:

$ pulumi import aws:ec2/securityGroupAssociation:SecurityGroupAssociation example vpce-aaaaaaaa/sg-bbbbbbbbbbbbbbbbb

Properties

val id: Output<String>
val pulumiChildResources: Set<KotlinResource>

Whether this association should replace the association with the VPC's default security group that is created when no security groups are specified during VPC endpoint creation. At most one association per VPC endpoint should be configured with replace_default_association = true. Use false when importing resources.

val securityGroupId: Output<String>

The ID of the security group to be associated with the VPC endpoint.

val urn: Output<String>
val vpcEndpointId: Output<String>

The ID of the VPC endpoint with which the security group will be associated.
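
Added example (not part of the provider documentation or its code): a pre-deployment check for the two rules stated above, namely that a security group ID must not appear both in a VPC endpoint's security_group_ids and in a standalone association, and that at most one association per endpoint sets replace_default_association = true. It assumes the input is the dictionary produced by loading `pulumi stack export` output, with resources under deployment.resources and camelCase input names; the endpoint type token, the helper names and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# The association type token is the one in the import command above; the
# endpoint token and the `pulumi stack export` layout are assumptions.
ASSOC = "aws:ec2/securityGroupAssociation:SecurityGroupAssociation"
ENDPOINT = "aws:ec2/vpcEndpoint:VpcEndpoint"

def find_conflicts(stack_export):
    """Return one finding string per rule violation in a stack export dict."""
    inline = defaultdict(set)       # endpoint id -> SGs declared in securityGroupIds
    standalone = defaultdict(list)  # endpoint id -> [(sg id, replace flag, urn)]
    for res in stack_export.get("deployment", {}).get("resources", []):
        inputs = res.get("inputs") or {}
        if res.get("type") == ENDPOINT:
            inline[res.get("id")].update(inputs.get("securityGroupIds") or [])
        elif res.get("type") == ASSOC:
            standalone[inputs.get("vpcEndpointId")].append((
                inputs.get("securityGroupId"),
                inputs.get("replaceDefaultAssociation") is True,
                res.get("urn"),
            ))
    findings = []
    for vpce, assocs in standalone.items():
        for sg, _, urn in assocs:
            # Rule 1: same SG managed inline and by a standalone association.
            if sg in inline.get(vpce, ()):
                findings.append(f"{vpce}: {sg} is in securityGroupIds and in {urn}")
        # Rule 2: more than one association replacing the default SG association.
        replacing = [urn for _, flag, urn in assocs if flag]
        if len(replacing) > 1:
            findings.append(
                f"{vpce}: {len(replacing)} associations set replaceDefaultAssociation=true")
    return findings

def _assoc(name, vpce, sg, replace=False):
    # Hypothetical helper that builds one constructed association record.
    return {"type": ASSOC, "urn": f"urn:constructed::{name}",
            "inputs": {"vpcEndpointId": vpce, "securityGroupId": sg,
                       "replaceDefaultAssociation": replace}}

# Constructed sample data, not taken from a real stack.
SAMPLE = {"deployment": {"resources": [
    {"type": ENDPOINT, "id": "vpce-aaaaaaaa", "inputs": {"securityGroupIds": ["sg-11111111"]}},
    {"type": ENDPOINT, "id": "vpce-bbbbbbbb", "inputs": {}},
    _assoc("dup", "vpce-aaaaaaaa", "sg-11111111"),
    _assoc("r1", "vpce-aaaaaaaa", "sg-22222222", replace=True),
    _assoc("r2", "vpce-aaaaaaaa", "sg-33333333", replace=True),
    _assoc("ok", "vpce-bbbbbbbb", "sg-22222222", replace=True),
]}}

if __name__ == "__main__":
    for finding in find_conflicts(SAMPLE):
        print(finding)
```

The check reads the declared inputs rather than the outputs, because an endpoint's refreshed outputs can list security groups that were attached by the standalone associations themselves.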