Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
s
salmon-hairdresser-65532
11/28/2022, 4:21 PMHi all,
I have a question regarding security group ingress. It can be specified using the ingress argument or using the SecurityGroupRule. The latter has the source_security_group_id argument, which is what I would like to use. Does specifying security_groups under SecurityGroupIngress have the same effect?
b
billowy-army-68599
11/28/2022, 4:26 PMyes, they’re effectively the same
p
purple-coat-73595
11/28/2022, 4:41 PMYes and no (I've been using them in Terraform some time ago) - if you use them both in the same security group, you will have a conflict. You should:
• use "in-line" if you know all the rules when creating a security group
• use a "standalone Security Group Rule" when you are creating a security group in one place and can change some of the rules in another place
• never use them both in the same security group
In my opinion using a "standalone Security Group Rule" is more universal in most cases.
s
salmon-hairdresser-65532
11/28/2022, 4:42 PMThanks for clarification @billowy-army-68599 and @purple-coat-73595!