jolly-fall-57688

11/17/2022, 9:17 PM
How do I specify more than one ingress and egress rule for a security group using Pulumi? I haven't found an example using Python. Thanks in advance.
sg = aws.ec2.SecurityGroup("dev-sg",
    description = "Allow web traffic for cluster",
    vpc_id = vpc.vpc_id,
    ingress = [aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 80 inbound from Internet",
        from_port = 80,
        to_port = 80,
        protocol = "TCP",
        cidr_blocks = ["0.0.0.0/0"]
    )],
    egress = [aws.ec2.SecurityGroupEgressArgs(
        description = "Allow all traffic out from cluster",
        from_port = 0,
        to_port = 0,
        protocol = "-1",
        cidr_blocks = ["0.0.0.0/0"]
    )]
)
How would I add a second ingress and egress rule to this security group?
you can either add it inline to the ingress or egress array, or define a rule for each

jolly-fall-57688

11/17/2022, 9:39 PM
sg = aws.ec2.SecurityGroup("dev-sg",
    description = "Allow web traffic for cluster",
    vpc_id = vpc.vpc_id,
    ingress = [aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 80 inbound from Internet",
        from_port = 80,
        to_port = 80,
        protocol = "TCP",
        cidr_blocks = ["0.0.0.0/0"]
    ),
        description = "Allow port 3000 in from the SG",
        from_port = 3000,
        to_port = 3000,
        protocol = "TCP",
        self = True
    ],
    egress = [aws.ec2.SecurityGroupEgressArgs(
        description = "Allow all traffic out from cluster",
        from_port = 0,
        to_port = 0,
        protocol = "-1",
        cidr_blocks = ["0.0.0.0/0"],
        description = "Allow port 3000 out to the SG",
        from_port = 3000,
        to_prot = 3000,
        protocol = "TCP",
        self = True
    )]
)
I can't seem to get the inline to work

billowy-army-68599

11/17/2022, 9:43 PM
sg = aws.ec2.SecurityGroup("dev-sg",
    description = "Allow web traffic for cluster",
    vpc_id = vpc.vpc_id,
    ingress = [aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 80 inbound from Internet",
        from_port = 80,
        to_port = 80,
        protocol = "TCP",
        cidr_blocks = ["0.0.0.0/0"]
    ),
    aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 3000 in from the SG",
        from_port = 3000,
        to_port = 3000,
        protocol = "TCP",
        self = True
    )],
)

jolly-fall-57688

11/17/2022, 9:45 PM
Thank you, I forgot the Args... Working now
sg = aws.ec2.SecurityGroup("dev-sg",
    description = "Allow web traffic for cluster",
    vpc_id = vpc.vpc_id,
    ingress = [aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 80 inbound from Internet",
        from_port = 80,
        to_port = 80,
        protocol = "TCP",
        cidr_blocks = ["0.0.0.0/0"]
    ),
    aws.ec2.SecurityGroupIngressArgs(
        description = "Allow port 3000 in from the SG",
        from_port = 3000,
        to_port = 3000,
        protocol = "TCP",
        self = True
    )],
    egress = [aws.ec2.SecurityGroupEgressArgs(
        description = "Allow all traffic out from cluster",
        from_port = 0,
        to_port = 0,
        protocol = "-1",
        cidr_blocks = ["0.0.0.0/0"],
    ),
    aws.ec2.SecurityGroupEgressArgs(
        description = "Allow port 3000 out to the SG",
        from_port = 3000,
        to_port = 3000,
        protocol = "TCP",
        self = True
    )]
)