Are there pre-built security groups with well-know...
# aws
Are there pre-built security groups with well-known rules and rule groups? Like the Terraform "aws security-group" module? I'd like a shortcut for creating the security group needed for EC2 instances to join an AD domain, and there's about 16 well-known rules needed...
I'm not aware of a community module for this. This should be really straightforward with something like below:
```typescript
import * as aws from "@pulumi/aws";
const adSg = new aws.ec2.SecurityGroup("ad", {
    egress: [
      // your rules here
    ],
});
```
I'm curious... what does the Terraform security-group module provide in addition to this?
Named port/protocol combinations (e.g.
), and named rule groups (e.g.
), and a couple of smart wrappers.
So you can create things like an ingress activemq security group in about 10 lines.
ActiveMQ only needs (iirc) 5 rules. AD is much bigger, needs about 16 egress rules for the Domain members. Fortunately, just creating an AD directory creates the equivalent ingress security group for the controller.
Is there a usual way to contribute community modules? I need to create two ComponentResources for AD, and the "member" one might be big enough to save someone else some effort. There's a security group, all the rules, the SSM document and the IAM stuff needed to use it.
I haven’t looked deeply yet but does the
package have some of what you need?