aws-cdk-lib.aws_ec2.ISecurityGroup

interface ISecurityGroup

Language | Type name
.NET | Amazon.CDK.AWS.EC2.ISecurityGroup
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsec2#ISecurityGroup
Java | software.amazon.awscdk.services.ec2.ISecurityGroup
Python | aws_cdk.aws_ec2.ISecurityGroup
TypeScript (source) | aws-cdk-lib » aws_ec2 » ISecurityGroup

Implemented by SecurityGroup

Obtainable from SecurityGroup.fromLookupById(), SecurityGroup.fromLookupByName(), SecurityGroup.fromSecurityGroupId()

Interface for security group-like objects.

Properties

Name | Type | Description
allowAllOutbound | boolean | Whether the SecurityGroup has been configured to allow all outbound traffic.
canInlineRule | boolean | Whether the rule can be inlined into a SecurityGroup or not.
connections | Connections | The network connections associated with this resource.
env | ResourceEnvironment | The environment this resource belongs to.
node | Node | The tree node.
securityGroupId | string | ID for the current security group.
stack | Stack | The stack in which this resource is defined.
uniqueId | string | A unique identifier for this connection peer.

allowAllOutbound

Type: boolean

Whether the SecurityGroup has been configured to allow all outbound traffic.


canInlineRule

Type: boolean

Whether the rule can be inlined into a SecurityGroup or not.


connections

Type: Connections

The network connections associated with this resource.


env

Type: ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.


node

Type: Node

The tree node.


securityGroupId

Type: string

ID for the current security group.


stack

Type: Stack

The stack in which this resource is defined.


uniqueId

Type: string

A unique identifier for this connection peer.

Methods

Name | Description
addEgressRule(peer, connection, description?, remoteRule?) | Add an egress rule for the current security group.
addIngressRule(peer, connection, description?, remoteRule?) | Add an ingress rule for the current security group.
applyRemovalPolicy(policy) | Apply the given removal policy to this resource.
toEgressRuleConfig() | Produce the egress rule JSON for the given connection.
toIngressRuleConfig() | Produce the ingress rule JSON for the given connection.

addEgressRule(peer, connection, description?, remoteRule?)

public addEgressRule(peer: IPeer, connection: Port, description?: string, remoteRule?: boolean): void

Parameters

  • peer IPeer
  • connection Port
  • description string
  • remoteRule boolean

Add an egress rule for the current security group.

remoteRule controls where the Rule object is created when the peer is also a SecurityGroup and the two are in different stacks. If false (default), the rule object is created under the current SecurityGroup object. If true and the peer is also a SecurityGroup, the rule object is created under the remote SecurityGroup object.


addIngressRule(peer, connection, description?, remoteRule?)

public addIngressRule(peer: IPeer, connection: Port, description?: string, remoteRule?: boolean): void

Parameters

  • peer IPeer
  • connection Port
  • description string
  • remoteRule boolean

Add an ingress rule for the current security group.

remoteRule controls where the Rule object is created when the peer is also a SecurityGroup and the two are in different stacks. If false (default), the rule object is created under the current SecurityGroup object. If true and the peer is also a SecurityGroup, the rule object is created under the remote SecurityGroup object.
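
The remoteRule behaviour described for addEgressRule and addIngressRule, as an added example that is not part of the CDK documentation: it synthesizes two stacks and counts the AWS::EC2::SecurityGroupIngress resources in each, showing which template ends up owning the rule that opens the database group. The stack and construct names, the placeholder VPC ID and the helper ingressRulePlacement are assumptions made for illustration.

```typescript
import { App, Stack } from 'aws-cdk-lib';
import { Template } from 'aws-cdk-lib/assertions';
import * as ec2 from 'aws-cdk-lib/aws-ec2';

// Hypothetical helper: builds an app with two stacks, adds one cross-stack
// ingress rule, and reports how many standalone ingress rule resources each
// stack's synthesized template contains.
function ingressRulePlacement(remoteRule: boolean): { appStack: number; dbStack: number } {
  const app = new App();
  const appStack = new Stack(app, 'AppStack');
  const dbStack = new Stack(app, 'DbStack');

  // Constructed placeholder VPC attributes; importing the VPC by attributes
  // keeps synthesis offline (no context lookups against an AWS account).
  const vpcAttrs = { vpcId: 'vpc-00000000', availabilityZones: ['us-east-1a'] };
  const appSg = new ec2.SecurityGroup(appStack, 'AppSg', {
    vpc: ec2.Vpc.fromVpcAttributes(appStack, 'Vpc', vpcAttrs),
  });
  const dbSg = new ec2.SecurityGroup(dbStack, 'DbSg', {
    vpc: ec2.Vpc.fromVpcAttributes(dbStack, 'Vpc', vpcAttrs),
  });

  // The peer is a SecurityGroup in a different stack, so remoteRule decides
  // whether the rule object is created under dbSg (false) or under appSg (true).
  dbSg.addIngressRule(appSg, ec2.Port.tcp(5432), 'app tier to database', remoteRule);

  const count = (stack: Stack): number =>
    Object.keys(Template.fromStack(stack).findResources('AWS::EC2::SecurityGroupIngress')).length;
  return { appStack: count(appStack), dbStack: count(dbStack) };
}

console.log('remoteRule=false', ingressRulePlacement(false));
console.log('remoteRule=true ', ingressRulePlacement(true));
```

With remoteRule set to true, the rule that admits traffic to the database group is defined in the application stack's template, so a review of the database stack alone will not show it.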


applyRemovalPolicy(policy)

public applyRemovalPolicy(policy: RemovalPolicy): void

Parameters

  • policy RemovalPolicy

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).


toEgressRuleConfig()

public toEgressRuleConfig(): any

Returns

  • any

Produce the egress rule JSON for the given connection.


toIngressRuleConfig()

public toIngressRuleConfig(): any

Returns

  • any

Produce the ingress rule JSON for the given connection.