No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

This is generally why you use the `SecurityGroupRule` resource instead of specifying the rules inline in the `SecurityGroup`.

See notes on <https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/ec2/#SecurityGroupRule>.

If I'm reading the documentation right, it says SecurityGroupRules work with "external" Security Groups. So if I'm creating security groups with Pulumi, that doesn't seem to work?

Puzzling through, it looks like I can omit the ingress/egress inline and then attach the SecurityGroupRules to the security group id.

That's right - the latter is the "right" way to do this in Pulumi and Terraform for maximum flexibility.