1. How to configure AWS subnet ACL for port 5432 inbound traffic?


    For configuring AWS subnet ACL (Access Control Lists) for the purpose of controlling inbound traffic to port 5432, Pulumi's aws.ec2.NetworkAcl and aws.ec2.NetworkAclRule are used.

    The process involves creating a Network ACL, followed by defining the specific inbound rule for the ACL (Network Access Control List).

    In the given example, an ACL is first defined by new aws.ec2.NetworkAcl. Following this, a Network ACL inbound rule is created by new aws.ec2.NetworkAclRule.

    The ingress rule is defined with "tcp" protocol (which is the protocol number 6) from port 5432 and to port 5432. We use networkAclId property to associate this rule with our previously created NetworkAcl and specify ruleNumber and ruleAction for the rule.

    import * as aws from "@pulumi/aws"; // create a new vpc const vpc = new aws.ec2.Vpc("myVpc", { cidrBlock: "" }); // create a new subnet const subnet = new aws.ec2.Subnet("mySubnet", { vpcId: vpc.id, cidrBlock: "", }); // create a new NetworkACL const networkAcl = new aws.ec2.NetworkAcl("myAcl", { vpcId: vpc.id, subnetIds: [subnet.id], }); // create a Inbound rule for the NetworkACL const postgresInboundRule = new aws.ec2.NetworkAclRule("aclRule", { networkAclId: networkAcl.id, ruleNumber: 100, egress: false, protocol: "6", // TCP ruleAction: "allow", cidrBlock: "", fromPort: 5432, toPort: 5432, });

    For documentation on these Pulumi AWS resources, refer to: