pulumi-aws-kotlin/com.pulumi.aws.vpc.kotlin/SecurityGroupEgressRuleArgs

SecurityGroupEgressRuleArgs

data class SecurityGroupEgressRuleArgs(val cidrIpv4: Output<String>? = null, val cidrIpv6: Output<String>? = null, val description: Output<String>? = null, val fromPort: Output<Int>? = null, val ipProtocol: Output<String>? = null, val prefixListId: Output<String>? = null, val referencedSecurityGroupId: Output<String>? = null, val securityGroupId: Output<String>? = null, val tags: Output<Map<String, String>>? = null, val toPort: Output<Int>? = null) : ConvertibleToJava<SecurityGroupEgressRuleArgs>

Manages an outbound (egress) rule for a security group. When specifying an outbound rule for your security group in a VPC, the configuration must include a destination for the traffic.

NOTE: Using aws.vpc.SecurityGroupEgressRule and aws.vpc.SecurityGroupIngressRule resources is the current best practice. Avoid using the aws.ec2.SecurityGroupRule resource and the ingress and egress arguments of the aws.ec2.SecurityGroup resource for configuring in-line rules, as they struggle with managing multiple CIDR blocks, and tags and descriptions due to the historical lack of unique IDs. !>WARNING: You should not use the aws.vpc.SecurityGroupEgressRule and aws.vpc.SecurityGroupIngressRule resources in conjunction with the aws.ec2.SecurityGroup resource with in-line rules (using the ingress and egress arguments of aws.ec2.SecurityGroup) or the aws.ec2.SecurityGroupRule resource. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.vpc.SecurityGroupEgressRule("example", {
    securityGroupId: exampleAwsSecurityGroup.id,
    cidrIpv4: "10.0.0.0/8",
    fromPort: 80,
    ipProtocol: "tcp",
    toPort: 80,
});

import pulumi
import pulumi_aws as aws
example = aws.vpc.SecurityGroupEgressRule("example",
    security_group_id=example_aws_security_group["id"],
    cidr_ipv4="10.0.0.0/8",
    from_port=80,
    ip_protocol="tcp",
    to_port=80)

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Vpc.SecurityGroupEgressRule("example", new()
    {
        SecurityGroupId = exampleAwsSecurityGroup.Id,
        CidrIpv4 = "10.0.0.0/8",
        FromPort = 80,
        IpProtocol = "tcp",
        ToPort = 80,
    });
});

package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/vpc"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := vpc.NewSecurityGroupEgressRule(ctx, "example", &vpc.SecurityGroupEgressRuleArgs{
			SecurityGroupId: pulumi.Any(exampleAwsSecurityGroup.Id),
			CidrIpv4:        pulumi.String("10.0.0.0/8"),
			FromPort:        pulumi.Int(80),
			IpProtocol:      pulumi.String("tcp"),
			ToPort:          pulumi.Int(80),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.vpc.SecurityGroupEgressRule;
import com.pulumi.aws.vpc.SecurityGroupEgressRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new SecurityGroupEgressRule("example", SecurityGroupEgressRuleArgs.builder()
            .securityGroupId(exampleAwsSecurityGroup.id())
            .cidrIpv4("10.0.0.0/8")
            .fromPort(80)
            .ipProtocol("tcp")
            .toPort(80)
            .build());
    }
}

resources:
  example:
    type: aws:vpc:SecurityGroupEgressRule
    properties:
      securityGroupId: ${exampleAwsSecurityGroup.id}
      cidrIpv4: 10.0.0.0/8
      fromPort: 80
      ipProtocol: tcp
      toPort: 80

Import

Using pulumi import, import security group egress rules using the security_group_rule_id. For example:

$ pulumi import aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule example sgr-02108b27edd666983

Constructors

SecurityGroupEgressRuleArgs

constructor(cidrIpv4: Output<String>? = null, cidrIpv6: Output<String>? = null, description: Output<String>? = null, fromPort: Output<Int>? = null, ipProtocol: Output<String>? = null, prefixListId: Output<String>? = null, referencedSecurityGroupId: Output<String>? = null, securityGroupId: Output<String>? = null, tags: Output<Map<String, String>>? = null, toPort: Output<Int>? = null)

Properties

cidrIpv4

val cidrIpv4: Output<String>? = null

The destination IPv4 CIDR range.

cidrIpv6

val cidrIpv6: Output<String>? = null

The destination IPv6 CIDR range.

description

val description: Output<String>? = null

The security group rule description.

fromPort

val fromPort: Output<Int>? = null

The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type.

ipProtocol

val ipProtocol: Output<String>? = null

The IP protocol name or number. Use -1 to specify all protocols. Note that if ip_protocol is set to -1, it translates to all protocols, all port ranges, and from_port and to_port values should not be defined.

prefixListId

val prefixListId: Output<String>? = null

The ID of the destination prefix list.

referencedSecurityGroupId

val referencedSecurityGroupId: Output<String>? = null

The destination security group that is referenced in the rule.

securityGroupId

val securityGroupId: Output<String>? = null

The ID of the security group.

Functions

toJava

open override fun toJava(): SecurityGroupEgressRuleArgs