SecurityGroup

---

Resource Icon

Resource Overview

A security group controls inbound and outbound traffic for associated resources. For example, when a security group is associated with an EC2 instance, it controls inbound and outbound traffic for that instance. A security group can be associated only with resources in the VPC in which the security group was created. When a VPC is created, it comes with a default security group, and additional security groups can be created for each VPC. Using security groups does not incur additional charges.

Associated Resources

Parent Resources

• Vpc

Connected Resources

• Lb
• NetworkInterface
• EksCluster
• Elasticsearch
• LambdaFunction
• Aurora
• Mariadb
• Mssql
• Mysql
• Oracle
• Postgresql
• LaunchTemplate
• ResolverEndpoint
• ClientVpnEndpoint
• Endpoint

---

Resource Configuration

Basic Settings

• description : Description of the security group
• included_vpc_name : Name of the VPC that contains the security group

Inbound Rules (ingress)

• ingress.rule_name : Ingress rule name
• ingress.description : Ingress rule description
• ingress.from_port : Start port number to allow
• ingress.to_port : End port number to allow
• ingress.protocol : Protocol - tcp, udp, icmp, all
• ingress.cidr_block : Source CIDR block to allow

Outbound Rules (egress)

• egress.rule_name : Egress rule name
• egress.description : Egress rule description
• egress.from_port : Start port number to allow
• egress.to_port : End port number to allow
• egress.protocol : Protocol - tcp, udp, icmp, icmpv6, all
• egress.cidr_block : Destination CIDR block to allow

Tags

• tag : Tags used to categorize the resource

---

References

• Controlling traffic to resources using security groups (AWS)
• aws_security_group (Terraform)