Hello folks At my company we usually spin up new VPC instanc

Question

Hello folks At my company we usually spin up new VPC instances for testing purposes Is there a way to override the default security group configuration for a new vpc using either with aws classic provider or aws native The VPC default security group is too permissive I could of course manually modify the inbound and outbound rules but is there a way to automate this process using pulumi resource providers

salmon-account-74572 · Answer

Why not create a new security group and use that instead of the default

astonishing-exabyte-93491 · Answer

yes I should do that My question is rather can we attach a custom SG to the aws ec2 Vpc instance

salmon-account-74572 · Answer

I don t know that you can replace the default SG when you create a VPC but you can definitely create a new SG after you create a VPC

astonishing-exabyte-93491 · Answer

I see

salmon-account-74572 · Answer

Here s an example in Go the `VpcId` property takes the ID of a previously created in the same program VPC ``` Create a security group securityGroup err = ec2 NewSecurityGroup ctx security group amp ec2 SecurityGroupArgs Name pulumi String securityGroupName VpcId vpc ID Description pulumi String Allows SSH traffic to hosts Ingress ec2 SecurityGroupIngressArray ec2 SecurityGroupIngressArgs Protocol pulumi String tcp ToPort 22 FromPort 22 Description pulumi String Allow inbound SSH TCP 22 from anywhere CidrBlocks pulumi StringArray pulumi String 0 0 0 0 0 ec2 SecurityGroupIngressArgs Protocol pulumi String udp ToPort 51280 FromPort 51280 Description pulumi String Allow Wireguard VPN UDP 51280 from anywhere CidrBlocks pulumi StringArray pulumi String 0 0 0 0 0 Egress ec2 SecurityGroupEgressArray ec2 SecurityGroupEgressArgs Protocol pulumi String 1 ToPort 0 FromPort 0 Description pulumi String Allow all outbound traffic CidrBlocks pulumi StringArray pulumi String 0 0 0 0 0 ```