No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Is there a way to get the `<http://awsx.lb|awsx.lb>.ApplicationListener` resource to not create security group rules? Even when I specifically pass a security group, it still adds additional rules to that SG to allow all traffic to the specified port. I'm trying to lock down the endpoint to specific CIDR blocks for now. I'll post code and pulumi output in the thread

listener.js

image.png

Resources that would be created from `pulumi up`

You can't do it natively with awsx, you can either:
- use a transform to modify the security group/omit it: <https://www.pulumi.com/docs/intro/concepts/resources/#transformations>
- manually add your ApplicationListener with the aws library buiilding blocks

okay gotcha, thanks <@UCWG26BH7>. That gives me a way forward :thumbsup: