No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

I recommend defining sg rules as `ec2.SecurityGroupRule` instead, makes it simple to reference them afterwards too. Otherwise, from the example in python:
```        allow_tls = aws.ec2.SecurityGroup("allowTls",
            description="Allow TLS inbound traffic",
            vpc_id=aws_vpc["main"]["id"],
            ingress=[{
                "description": "TLS from VPC",
                "from_port": 443,
                "to_port": 443,
                "protocol": "tcp",
                "cidr_blocks": [aws_vpc["main"]["cidr_block"]],
            }],
            egress=[{
                "from_port": 0,
                "to_port": 0,
                "protocol": "-1",
                "cidr_blocks": ["0.0.0.0/0"],
            }],
            tags={
                "Name": "allow_tls",
            })```


Oh great, this is another way of trying, Thank you Will for suggestion.