smoketurner / serverless-vpc-plugin

Serverless Plugin to create a VPC
MIT License

How to add rules to security group? #922

Closed buddhaCode closed 2 years ago

buddhaCode commented 2 years ago

Hi folks, thanks for the great plugin. I am pretty new to the Serverless Framework. I need to add a rule to the created security group. Is there any way to reference the security group in the Resources section?

Best, Arne

jawadst commented 2 years ago

You can reference the CF outputs referenced on https://github.com/smoketurner/serverless-vpc-plugin#cloudformation-outputs

Example for adding an egress rule to the app security group:

  AppEgressToDax:
    Type: AWS::EC2::SecurityGroupEgress
    Properties:
      Description: 'Traffic to TLS DAX'
      IpProtocol: tcp
      FromPort: 9111
      ToPort: 9111
      GroupId: !GetAtt AppSecurityGroup.GroupId
      DestinationSecurityGroupId: 'group id'

buddhaCode commented 2 years ago

Hi @jawadst, thanks for your help. That worked absolutely fine.

One addition for others seeking help: the DestinationSecurityGroupId: 'group id' is an invalid entry. For all options, see the AWS docs.
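
An added example, not part of the thread or of the plugin's own documentation: the egress rule from the answer above with a valid destination, plus the matching ingress rule on the destination side. The `custom.daxSecurityGroupId` variable, its value and the `DaxIngressFromApp` name are constructed placeholders; `AppSecurityGroup` is the logical ID used in the answer.

```yaml
# serverless.yml (fragment); added example, not the plugin's own code
custom:
  # Assumption: ID of an existing security group attached to the DAX cluster.
  # Constructed placeholder value; replace with the real group ID.
  daxSecurityGroupId: sg-0123456789abcdef0

resources:
  Resources:
    # Outbound rule: allow the app security group to reach DAX on port 9111.
    AppEgressToDax:
      Type: AWS::EC2::SecurityGroupEgress
      Properties:
        Description: 'Traffic to TLS DAX'
        IpProtocol: tcp
        FromPort: 9111
        ToPort: 9111
        GroupId: !GetAtt AppSecurityGroup.GroupId
        DestinationSecurityGroupId: ${self:custom.daxSecurityGroupId}

    # Inbound rule on the DAX group (hypothetical resource name): the source
    # is the app security group itself rather than a CIDR range.
    DaxIngressFromApp:
      Type: AWS::EC2::SecurityGroupIngress
      Properties:
        Description: 'TLS DAX from app security group'
        IpProtocol: tcp
        FromPort: 9111
        ToPort: 9111
        GroupId: ${self:custom.daxSecurityGroupId}
        SourceSecurityGroupId: !GetAtt AppSecurityGroup.GroupId
```

Referencing security groups on both sides keeps the rules valid when subnet CIDR ranges change and avoids opening the port to a whole address range.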