Resource: aws_ec2_traffic_mirror_filter_rule

Provides a Traffic Mirror filter rule.
Read limits and considerations for traffic mirroring.

Example Usage

To create a basic traffic mirror filter with one egress rule and one ingress rule

resource "aws_ec2_traffic_mirror_filter" "filter" {
  description      = "traffic mirror filter - terraform example"
  network_services = ["amazon-dns"]
}

resource "aws_ec2_traffic_mirror_filter_rule" "ruleout" {
  description              = "test rule"
  traffic_mirror_filter_id = aws_ec2_traffic_mirror_filter.filter.id
  destination_cidr_block   = "10.0.0.0/8"
  source_cidr_block        = "10.0.0.0/8"
  rule_number              = 1
  rule_action              = "accept"
  traffic_direction        = "egress"
}

resource "aws_ec2_traffic_mirror_filter_rule" "rulein" {
  description              = "test rule"
  traffic_mirror_filter_id = aws_ec2_traffic_mirror_filter.filter.id
  destination_cidr_block   = "10.0.0.0/8"
  source_cidr_block        = "10.0.0.0/8"
  rule_number              = 1
  rule_action              = "accept"
  traffic_direction        = "ingress"
  protocol                 = 6

  destination_port_range {
    from_port = 22
    to_port   = 53
  }

  source_port_range {
    from_port = 0
    to_port   = 10
  }
}
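The following configuration is an added example, not part of the provider documentation. It shows how rule_number and rule_action interact: AWS evaluates rules from the lowest number to the highest within each direction, so a narrow "reject" placed before a broad "accept" keeps a noisy subnet out of the mirrored stream. The CIDR blocks, rule numbers and resource names are assumptions.

```terraform
# Added example: CIDRs, rule numbers and resource names are assumed values.
locals {
  workload_cidr = "10.0.0.0/8"    # assumed range of the monitored workloads
  backup_cidr   = "10.20.30.0/24" # assumed high-volume backup subnet to exclude
  directions    = toset(["ingress", "egress"])
}

resource "aws_ec2_traffic_mirror_filter" "ids" {
  description = "mirror TCP to the IDS, excluding backup traffic"
}

# Rule 10 is evaluated first. "reject" only keeps matching packets out of the
# mirror; the original traffic is still delivered normally.
resource "aws_ec2_traffic_mirror_filter_rule" "reject_backup" {
  for_each = local.directions

  description              = "do not mirror backup subnet (${each.key})"
  traffic_mirror_filter_id = aws_ec2_traffic_mirror_filter.ids.id
  traffic_direction        = each.key
  rule_number              = 10
  rule_action              = "reject"

  # Ingress sees the backup subnet as the source, egress as the destination.
  source_cidr_block      = each.key == "ingress" ? local.backup_cidr : local.workload_cidr
  destination_cidr_block = each.key == "ingress" ? local.workload_cidr : local.backup_cidr
}

# Rule 100 is evaluated after rule 10 and mirrors the remaining TCP traffic.
# The same rule_number can be reused because each direction is numbered separately.
resource "aws_ec2_traffic_mirror_filter_rule" "accept_tcp" {
  for_each = local.directions

  description              = "mirror remaining TCP (${each.key})"
  traffic_mirror_filter_id = aws_ec2_traffic_mirror_filter.ids.id
  traffic_direction        = each.key
  rule_number              = 100
  rule_action              = "accept"
  protocol                 = 6 # TCP
  source_cidr_block        = local.workload_cidr
  destination_cidr_block   = local.workload_cidr
}
```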

Argument Reference

This resource supports the following arguments:

Traffic mirror port ranges support the following attributes:

Attribute Reference

This resource exports the following attributes in addition to the arguments above:

Import

In Terraform v1.5.0 and later, use an import block to import traffic mirror rules using the traffic_mirror_filter_id and id separated by a colon (:). For example:

import {
  to = aws_ec2_traffic_mirror_filter_rule.rule
  id = "tmf-0fbb93ddf38198f64:tmfr-05a458f06445d0aee"
}

Using terraform import, import traffic mirror rules using the traffic_mirror_filter_id and id separated by a colon (:). For example:

% terraform import aws_ec2_traffic_mirror_filter_rule.rule tmf-0fbb93ddf38198f64:tmfr-05a458f06445d0aee