SecurityGroup
The SecurityGroup resource lets you manage AWS EC2 SecurityGroups and their configuration settings.
Minimal Example
Create a basic security group with a description and a VPC ID:
import AWS from "alchemy/aws/control";

const basicSecurityGroup = await AWS.EC2.SecurityGroup("basicSecurityGroup", {
  GroupDescription: "Allow SSH access",
  VpcId: "vpc-12345abcde",
  SecurityGroupIngress: [{
    IpProtocol: "tcp",
    FromPort: 22,
    ToPort: 22,
    CidrIp: "203.0.113.0/24"
  }]
});
Advanced Configuration
Configure a security group with both ingress and egress rules for HTTP and HTTPS access:
const advancedSecurityGroup = await AWS.EC2.SecurityGroup("advancedSecurityGroup", {
  GroupDescription: "Allow HTTP and HTTPS access",
  VpcId: "vpc-12345abcde",
  SecurityGroupIngress: [
    { IpProtocol: "tcp", FromPort: 80, ToPort: 80, CidrIp: "0.0.0.0/0" },
    { IpProtocol: "tcp", FromPort: 443, ToPort: 443, CidrIp: "0.0.0.0/0" }
  ],
  SecurityGroupEgress: [{
    IpProtocol: "-1", // Allows all outbound traffic
    CidrIp: "0.0.0.0/0"
  }]
});
Custom Name and Tags
Create a security group with a custom name and tags for better identification:
const taggedSecurityGroup = await AWS.EC2.SecurityGroup("taggedSecurityGroup", {
  GroupDescription: "Allow database access",
  GroupName: "db-access-sg",
  VpcId: "vpc-12345abcde",
  SecurityGroupIngress: [{
    IpProtocol: "tcp",
    FromPort: 3306,
    ToPort: 3306,
    CidrIp: "192.0.2.0/24"
  }],
  Tags: [
    { Key: "Environment", Value: "Production" },
    { Key: "Department", Value: "Engineering" }
  ]
});
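The ingress rules in the examples above differ mainly in how wide their source CIDR is. As an added example (not part of the alchemy API or this page's original code), the following TypeScript check flags rules that expose sensitive ports to 0.0.0.0/0 or ::/0; the IngressRule and Finding types, auditIngress, isWorldOpen and the SENSITIVE_PORTS list are assumptions made for the illustration.

```typescript
// Added example: audits SecurityGroupIngress-shaped rules; not alchemy code.
interface IngressRule {
  IpProtocol: string;
  FromPort?: number;
  ToPort?: number;
  CidrIp?: string;
  CidrIpv6?: string;
}
interface Finding { rule: IngressRule; reason: string; }

// Assumption: ports that should never face the whole internet. 22 and 3306
// appear in this page's examples; 3389 and 5432 are added for illustration.
const SENSITIVE_PORTS: number[] = [22, 3306, 3389, 5432];

function isWorldOpen(rule: IngressRule): boolean {
  return rule.CidrIp === "0.0.0.0/0" || rule.CidrIpv6 === "::/0";
}

function auditIngress(rules: IngressRule[]): Finding[] {
  const findings: Finding[] = [];
  for (const rule of rules) {
    if (!isWorldOpen(rule)) continue; // narrower CIDRs are not judged here
    if (rule.IpProtocol === "-1") {
      findings.push({ rule: rule, reason: "all protocols and ports open to the internet" });
      continue;
    }
    // Assumption: a rule without a port range covers every port.
    const from = rule.FromPort === undefined ? 0 : rule.FromPort;
    const to = rule.ToPort === undefined ? 65535 : rule.ToPort;
    for (const port of SENSITIVE_PORTS) {
      // Range test, so a wide rule such as 20-25 is caught for port 22.
      if (from <= port && port <= to) {
        findings.push({ rule: rule, reason: "port " + port + " open to the internet" });
      }
    }
  }
  return findings;
}

// Constructed sample input (not from the page): three risky rules, one scoped.
const CONSTRUCTED_RULES: IngressRule[] = [
  { IpProtocol: "tcp", FromPort: 20, ToPort: 25, CidrIp: "0.0.0.0/0" },
  { IpProtocol: "-1", CidrIp: "0.0.0.0/0" },
  { IpProtocol: "tcp", FromPort: 3306, ToPort: 3306, CidrIpv6: "::/0" },
  { IpProtocol: "tcp", FromPort: 3306, ToPort: 3306, CidrIp: "192.0.2.0/24" },
];
```

Run auditIngress over the SecurityGroupIngress array before passing it to AWS.EC2.SecurityGroup and fail the deployment when it returns findings. The page's web example (ports 80 and 443 from 0.0.0.0/0) passes because those ports are not in the list.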
Adopting Existing Resources
If you want to adopt an existing security group instead of creating a new one, set the adopt property to true:
const existingSecurityGroup = await AWS.EC2.SecurityGroup("existingSecurityGroup", {
  GroupDescription: "Adopt existing security group",
  adopt: true
});