2014-07-23 22:32:33 +02:00
|
|
|
---
|
|
|
|
layout: "aws"
|
|
|
|
page_title: "AWS: aws_security_group"
|
|
|
|
sidebar_current: "docs-aws-resource-security-group"
|
2014-10-22 05:21:56 +02:00
|
|
|
description: |-
|
|
|
|
Provides an security group resource.
|
2014-07-23 22:32:33 +02:00
|
|
|
---
|
|
|
|
|
|
|
|
# aws\_security\_group
|
|
|
|
|
|
|
|
Provides an security group resource.
|
|
|
|
|
|
|
|
## Example Usage
|
|
|
|
|
2014-10-14 23:07:01 +02:00
|
|
|
Basic usage
|
|
|
|
|
2014-07-23 22:32:33 +02:00
|
|
|
```
|
|
|
|
resource "aws_security_group" "allow_all" {
|
2014-10-14 23:07:01 +02:00
|
|
|
name = "allow_all"
|
2014-08-03 04:39:22 +02:00
|
|
|
description = "Allow all inbound traffic"
|
|
|
|
|
2014-10-14 23:07:01 +02:00
|
|
|
ingress {
|
|
|
|
from_port = 0
|
|
|
|
to_port = 65535
|
|
|
|
protocol = "tcp"
|
|
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
Basic usage with tags:
|
|
|
|
|
|
|
|
```
|
|
|
|
resource "aws_security_group" "allow_all" {
|
|
|
|
name = "allow_all"
|
|
|
|
description = "Allow all inbound traffic"
|
|
|
|
|
|
|
|
ingress {
|
|
|
|
from_port = 0
|
|
|
|
to_port = 65535
|
|
|
|
protocol = "tcp"
|
|
|
|
cidr_blocks = ["0.0.0.0/0"]
|
|
|
|
}
|
|
|
|
|
|
|
|
tags {
|
|
|
|
Name = "allow_all"
|
|
|
|
}
|
2014-07-23 22:32:33 +02:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
## Argument Reference
|
|
|
|
|
|
|
|
The following arguments are supported:
|
|
|
|
|
|
|
|
* `name` - (Required) The name of the security group
|
2014-07-30 23:59:09 +02:00
|
|
|
* `description` - (Required) The security group description.
|
2014-12-08 08:52:04 +01:00
|
|
|
* `ingress` - (Optional) Can be specified multiple times for each
|
2014-07-23 22:32:33 +02:00
|
|
|
ingress rule. Each ingress block supports fields documented below.
|
|
|
|
* `vpc_id` - (Optional) The VPC ID.
|
|
|
|
* `owner_id` - (Optional) The AWS Owner ID.
|
|
|
|
|
|
|
|
The `ingress` block supports:
|
|
|
|
|
2015-01-14 18:28:25 +01:00
|
|
|
* `cidr_blocks` - (Optional) List of CIDR blocks. Cannot be used with `security_groups`.
|
2014-07-23 22:32:33 +02:00
|
|
|
* `from_port` - (Required) The start port.
|
|
|
|
* `protocol` - (Required) The protocol.
|
2015-01-14 18:28:25 +01:00
|
|
|
* `security_groups` - (Optional) List of security group IDs. Cannot be used with `cidr_blocks`.
|
2014-09-30 23:19:16 +02:00
|
|
|
* `self` - (Optional) If true, the security group itself will be added as
|
|
|
|
a source to this ingress rule.
|
2014-07-23 22:32:33 +02:00
|
|
|
* `to_port` - (Required) The end range port.
|
2014-10-14 23:07:01 +02:00
|
|
|
* `tags` - (Optional) A mapping of tags to assign to the resource.
|
2014-07-23 22:32:33 +02:00
|
|
|
|
|
|
|
## Attributes Reference
|
|
|
|
|
|
|
|
The following attributes are exported:
|
|
|
|
|
|
|
|
* `id` - The ID of the security group
|
|
|
|
* `vpc_id` - The VPC ID.
|
|
|
|
* `owner_id` - The owner ID.
|
|
|
|
* `name` - The name of the security group
|
|
|
|
* `description` - The description of the security group
|
|
|
|
* `ingress` - The ingress rules. See above for more.
|