UNPKG

@pulumi/aws

Version:

A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.

pulumi.io

pulumi/pulumi-aws

121 lines 5.96 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
"use strict"; // *** WARNING: this file was generated by pulumi-language-nodejs. *** // *** Do not edit by hand unless you're certain you know what you are doing! *** Object.defineProperty(exports, "__esModule", { value: true }); exports.SecurityGroupIngressRule = void 0; const pulumi = require("@pulumi/pulumi"); const utilities = require("../utilities"); /** * Manages an inbound (ingress) rule for a security group. * * When specifying an inbound rule for your security group in a VPC, the configuration must include a source for the traffic. * * > **NOTE:** Using `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources is the current best practice. Avoid using the `aws.ec2.SecurityGroupRule` resource and the `ingress` and `egress` arguments of the `aws.ec2.SecurityGroup` resource for configuring in-line rules, as they struggle with managing multiple CIDR blocks, and tags and descriptions due to the historical lack of unique IDs. * * !> **WARNING:** You should not use the `aws.vpc.SecurityGroupEgressRule` and `aws.vpc.SecurityGroupIngressRule` resources in conjunction with the `aws.ec2.SecurityGroup` resource with _in-line rules_ (using the `ingress` and `egress` arguments of `aws.ec2.SecurityGroup`) or the `aws.ec2.SecurityGroupRule` resource. Doing so may cause rule conflicts, perpetual differences, and result in rules being overwritten. * * ## Example Usage * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.ec2.SecurityGroup("example", { * name: "example", * description: "example", * vpcId: main.id, * tags: { * Name: "example", * }, * }); * const exampleSecurityGroupIngressRule = new aws.vpc.SecurityGroupIngressRule("example", { * securityGroupId: example.id, * cidrIpv4: "10.0.0.0/8", * fromPort: 80, * ipProtocol: "tcp", * toPort: 80, * }); * ``` * * ## Import * * Using `pulumi import`, import security group ingress rules using the `security_group_rule_id`. For example: * * ```sh * $ pulumi import aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule example sgr-02108b27edd666983 * ``` */ class SecurityGroupIngressRule extends pulumi.CustomResource { /** * Get an existing SecurityGroupIngressRule resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name, id, state, opts) { return new SecurityGroupIngressRule(name, state, { ...opts, id: id }); } /** * Returns true if the given object is an instance of SecurityGroupIngressRule. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj) { if (obj === undefined || obj === null) { return false; } return obj['__pulumiType'] === SecurityGroupIngressRule.__pulumiType; } constructor(name, argsOrState, opts) { let resourceInputs = {}; opts = opts || {}; if (opts.id) { const state = argsOrState; resourceInputs["arn"] = state?.arn; resourceInputs["cidrIpv4"] = state?.cidrIpv4; resourceInputs["cidrIpv6"] = state?.cidrIpv6; resourceInputs["description"] = state?.description; resourceInputs["fromPort"] = state?.fromPort; resourceInputs["ipProtocol"] = state?.ipProtocol; resourceInputs["prefixListId"] = state?.prefixListId; resourceInputs["referencedSecurityGroupId"] = state?.referencedSecurityGroupId; resourceInputs["region"] = state?.region; resourceInputs["securityGroupId"] = state?.securityGroupId; resourceInputs["securityGroupRuleId"] = state?.securityGroupRuleId; resourceInputs["tags"] = state?.tags; resourceInputs["tagsAll"] = state?.tagsAll; resourceInputs["toPort"] = state?.toPort; } else { const args = argsOrState; if (args?.ipProtocol === undefined && !opts.urn) { throw new Error("Missing required property 'ipProtocol'"); } if (args?.securityGroupId === undefined && !opts.urn) { throw new Error("Missing required property 'securityGroupId'"); } resourceInputs["cidrIpv4"] = args?.cidrIpv4; resourceInputs["cidrIpv6"] = args?.cidrIpv6; resourceInputs["description"] = args?.description; resourceInputs["fromPort"] = args?.fromPort; resourceInputs["ipProtocol"] = args?.ipProtocol; resourceInputs["prefixListId"] = args?.prefixListId; resourceInputs["referencedSecurityGroupId"] = args?.referencedSecurityGroupId; resourceInputs["region"] = args?.region; resourceInputs["securityGroupId"] = args?.securityGroupId; resourceInputs["tags"] = args?.tags; resourceInputs["toPort"] = args?.toPort; resourceInputs["arn"] = undefined /*out*/; resourceInputs["securityGroupRuleId"] = undefined /*out*/; resourceInputs["tagsAll"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); super(SecurityGroupIngressRule.__pulumiType, name, resourceInputs, opts); } } exports.SecurityGroupIngressRule = SecurityGroupIngressRule; /** @internal */ SecurityGroupIngressRule.__pulumiType = 'aws:vpc/securityGroupIngressRule:SecurityGroupIngressRule'; //# sourceMappingURL=securityGroupIngressRule.js.map