01/04/2022, 5:36 PM
I'm trying to create an EKS cluster using a mix of the AWS Native package and the AWS Classic. I'm using the Classic to create a security group as it didn't seem possible in the Native, and am then trying to use the Id of that security group (e.g. sg-########) < the docs here seem to me to be pretty clear that there is an output called Id and thus for a security group object called sg I should be able to get it using sd.Id, but when I try that I get the error message
./main.go:153:22: sg.Id undefined (type *ec2.SecurityGroup has no field or method Id)
I'll post my code as a thread to avoid clutter.
sg, err := ec2.NewSecurityGroup(ctx, "EKS", &ec2.SecurityGroupArgs{
                        Description: pulumi.String("Group for the EKS cluster"),
                        VpcId: pulumi.String(vpcid),
                        Ingress: ec2.SecurityGroupIngressArray{
                                // Allow ssh in from the ssh hosts
                                        Description: pulumi.String("ssh in from the ssh-hosts"),
                                        FromPort: <http://pulumi.Int|pulumi.Int>(22),
                                        ToPort: <http://pulumi.Int|pulumi.Int>(22),
                                        Protocol: pulumi.String("tcp"),
                                        SecurityGroups: pulumi.StringArray{
                                                pulumi.String("sg-0f61cce3d6946c140"), // This needs to be looked up as this is the Test one
                        Egress:  ec2.SecurityGroupEgressArray{
                                // allow https out to anywhere
                                        FromPort: <http://pulumi.Int|pulumi.Int>(443),
                                        ToPort:   <http://pulumi.Int|pulumi.Int>(443),
                                        Protocol: pulumi.String("tcp"),
                                        CidrBlocks: pulumi.StringArray{
                                        Ipv6CidrBlocks: pulumi.StringArray{
                        Tags: pulumi.StringMap{
                                "Name": pulumi.String("Test-EKS"), // needs to be compiled from the VPC and -EKS
                // Create an EKS cluster with the default configuration.
                cluster, err := eks.NewCluster(ctx, "Test", &eks.ClusterArgs{
                        ResourcesVpcConfig: &eks.ClusterResourcesVpcConfigArgs{
                                SubnetIds: pulumi.StringArray{
                                EndpointPrivateAccess: pulumi.Bool(true),
                                EndpointPublicAccess: pulumi.Bool(false),
                                SecurityGroupIds: pulumi.StringArray{
                        RoleArn: eksRole.Arn,
                if err != nil {
                        return err
These are the blocks where I create the sg and try to use the Id in the EKS cluster block. I can get the Arn, with sg.Arn or the account id with sg.OwnerId
I guess I'll have to parse the ARN and get the sg-#### string that way but I'm puzzled as to why sg.Id fails.


01/04/2022, 6:28 PM
@creamy-holiday-75376 I believe you need
you might consider using our EKS package to make your life easier


01/04/2022, 6:34 PM
Thanks, I was sure I tried that 😅 , but it seems to be working now.
I did try the EKS package, but for reasons lost in a haze of Xmas I switched to doing it by hand.