UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi.io

pulumi/pulumi-aws

125 lines 5.99 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.SecurityGroupEgressRule = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * Manages an outbound (egress) rule for a security group. * * When specifying an outbound rule for your security group in a VPC, the configuration must include a destination for the traffic. * * > **NOTE:** Using `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources is the current best practice. Avoid using the `aws.ec2.SecurityGroupRule` resource and the `ingress` and `egress` arguments of the `aws.ec2.SecurityGroup` resource for configuring in-line rules, as they struggle with managing multiple CIDR blocks, and tags and descriptions due to the historical lack of unique IDs. * * !> **WARNING:** You should not use the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources in conjunction with the `aws.ec2.SecurityGroup` resource with _in-line rules_ (using the `ingress` and `egress` arguments of `aws.ec2.SecurityGroup`) or the `aws.ec2.SecurityGroupRule` resource. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.vpc.SecurityGroupEgressRule("example", { * securityGroupId: exampleAwsSecurityGroup.id, * cidrIpv4: "10.0.0.0/8", * fromPort: 80, * ipProtocol: "tcp", * toPort: 80, * }); * ``` * * ## Import * * ### Identity Schema * * #### Required * * * `id` - (String) ID of the security group rule. * * #### Optional * * * `account_id` (String) AWS Account where this resource is managed. * * * `region` (String) Region where this resource is managed. * * Using `pulumi import`, import security group egress rules using the `security_group_rule_id`. For example: * * console * * % pulumi import aws_vpc_security_group_egress_rule.example sgr-02108b27edd666983 */ class SecurityGroupEgressRule extends pulumi.CustomResource { /** * Get an existing SecurityGroupEgressRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new SecurityGroupEgressRule(name, state, { ...opts, id: id }); } /** * Returns true if the given object is an instance of SecurityGroupEgressRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === SecurityGroupEgressRule.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["arn"] = state?.arn; resourceInputs["cidrIpv4"] = state?.cidrIpv4; resourceInputs["cidrIpv6"] = state?.cidrIpv6; resourceInputs["description"] = state?.description; resourceInputs["fromPort"] = state?.fromPort; resourceInputs["ipProtocol"] = state?.ipProtocol; resourceInputs["prefixListId"] = state?.prefixListId; resourceInputs["referencedSecurityGroupId"] = state?.referencedSecurityGroupId; resourceInputs["region"] = state?.region; resourceInputs["securityGroupId"] = state?.securityGroupId; resourceInputs["securityGroupRuleId"] = state?.securityGroupRuleId; resourceInputs["tags"] = state?.tags; resourceInputs["tagsAll"] = state?.tagsAll; resourceInputs["toPort"] = state?.toPort; } else { const args = argsOrState; if (args?.ipProtocol === undefined && !opts.urn) { throw new Error("Missing required property 'ipProtocol'"); } if (args?.securityGroupId === undefined && !opts.urn) { throw new Error("Missing required property 'securityGroupId'"); } resourceInputs["cidrIpv4"] = args?.cidrIpv4; resourceInputs["cidrIpv6"] = args?.cidrIpv6; resourceInputs["description"] = args?.description; resourceInputs["fromPort"] = args?.fromPort; resourceInputs["ipProtocol"] = args?.ipProtocol; resourceInputs["prefixListId"] = args?.prefixListId; resourceInputs["referencedSecurityGroupId"] = args?.referencedSecurityGroupId; resourceInputs["region"] = args?.region; resourceInputs["securityGroupId"] = args?.securityGroupId; resourceInputs["tags"] = args?.tags; resourceInputs["toPort"] = args?.toPort; resourceInputs["arn"] = undefined /*out*/; resourceInputs["securityGroupRuleId"] = undefined /*out*/; resourceInputs["tagsAll"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(SecurityGroupEgressRule.__pulumiType, name, resourceInputs, opts); } } exports.SecurityGroupEgressRule = SecurityGroupEgressRule; /** @internal */ SecurityGroupEgressRule.__pulumiType = 'aws:vpc/securityGroupEgressRule:SecurityGroupEgressRule'; //# sourceMappingURL=securityGroupEgressRule.js.map