1. Packages
  2. AWS Classic
  3. API Docs
  4. ec2
  5. getSecurityGroup

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.27.0 published on Monday, Mar 18, 2024 by Pulumi

aws.ec2.getSecurityGroup

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.27.0 published on Monday, Mar 18, 2024 by Pulumi

    aws.ec2.SecurityGroup provides details about a specific Security Group.

    This resource can prove useful when a module accepts a Security Group id as an input variable and needs to, for example, determine the id of the VPC that the security group belongs to.

    Example Usage

    The following example shows how one might accept a Security Group id as a variable and use this data source to obtain the data necessary to create a subnet.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const config = new pulumi.Config();
    const securityGroupId = config.requireObject("securityGroupId");
    const selected = aws.ec2.getSecurityGroup({
        id: securityGroupId,
    });
    const subnet = new aws.ec2.Subnet("subnet", {
        vpcId: selected.then(selected => selected.vpcId),
        cidrBlock: "10.0.1.0/24",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    config = pulumi.Config()
    security_group_id = config.require_object("securityGroupId")
    selected = aws.ec2.get_security_group(id=security_group_id)
    subnet = aws.ec2.Subnet("subnet",
        vpc_id=selected.vpc_id,
        cidr_block="10.0.1.0/24")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cfg := config.New(ctx, "")
    		securityGroupId := cfg.RequireObject("securityGroupId")
    		selected, err := ec2.LookupSecurityGroup(ctx, &ec2.LookupSecurityGroupArgs{
    			Id: pulumi.StringRef(securityGroupId),
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = ec2.NewSubnet(ctx, "subnet", &ec2.SubnetArgs{
    			VpcId:     *pulumi.String(selected.VpcId),
    			CidrBlock: pulumi.String("10.0.1.0/24"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var config = new Config();
        var securityGroupId = config.RequireObject<dynamic>("securityGroupId");
        var selected = Aws.Ec2.GetSecurityGroup.Invoke(new()
        {
            Id = securityGroupId,
        });
    
        var subnet = new Aws.Ec2.Subnet("subnet", new()
        {
            VpcId = selected.Apply(getSecurityGroupResult => getSecurityGroupResult.VpcId),
            CidrBlock = "10.0.1.0/24",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.Ec2Functions;
    import com.pulumi.aws.ec2.inputs.GetSecurityGroupArgs;
    import com.pulumi.aws.ec2.Subnet;
    import com.pulumi.aws.ec2.SubnetArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var config = ctx.config();
            final var securityGroupId = config.get("securityGroupId");
            final var selected = Ec2Functions.getSecurityGroup(GetSecurityGroupArgs.builder()
                .id(securityGroupId)
                .build());
    
            var subnet = new Subnet("subnet", SubnetArgs.builder()        
                .vpcId(selected.applyValue(getSecurityGroupResult -> getSecurityGroupResult.vpcId()))
                .cidrBlock("10.0.1.0/24")
                .build());
    
        }
    }
    
    configuration:
      securityGroupId:
        type: dynamic
    resources:
      subnet:
        type: aws:ec2:Subnet
        properties:
          vpcId: ${selected.vpcId}
          cidrBlock: 10.0.1.0/24
    variables:
      selected:
        fn::invoke:
          Function: aws:ec2:getSecurityGroup
          Arguments:
            id: ${securityGroupId}
    

    Using getSecurityGroup

    Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

    function getSecurityGroup(args: GetSecurityGroupArgs, opts?: InvokeOptions): Promise<GetSecurityGroupResult>
    function getSecurityGroupOutput(args: GetSecurityGroupOutputArgs, opts?: InvokeOptions): Output<GetSecurityGroupResult>
    def get_security_group(filters: Optional[Sequence[GetSecurityGroupFilter]] = None,
                           id: Optional[str] = None,
                           name: Optional[str] = None,
                           tags: Optional[Mapping[str, str]] = None,
                           vpc_id: Optional[str] = None,
                           opts: Optional[InvokeOptions] = None) -> GetSecurityGroupResult
    def get_security_group_output(filters: Optional[pulumi.Input[Sequence[pulumi.Input[GetSecurityGroupFilterArgs]]]] = None,
                           id: Optional[pulumi.Input[str]] = None,
                           name: Optional[pulumi.Input[str]] = None,
                           tags: Optional[pulumi.Input[Mapping[str, pulumi.Input[str]]]] = None,
                           vpc_id: Optional[pulumi.Input[str]] = None,
                           opts: Optional[InvokeOptions] = None) -> Output[GetSecurityGroupResult]
    func LookupSecurityGroup(ctx *Context, args *LookupSecurityGroupArgs, opts ...InvokeOption) (*LookupSecurityGroupResult, error)
    func LookupSecurityGroupOutput(ctx *Context, args *LookupSecurityGroupOutputArgs, opts ...InvokeOption) LookupSecurityGroupResultOutput

    > Note: This function is named LookupSecurityGroup in the Go SDK.

    public static class GetSecurityGroup 
    {
        public static Task<GetSecurityGroupResult> InvokeAsync(GetSecurityGroupArgs args, InvokeOptions? opts = null)
        public static Output<GetSecurityGroupResult> Invoke(GetSecurityGroupInvokeArgs args, InvokeOptions? opts = null)
    }
    public static CompletableFuture<GetSecurityGroupResult> getSecurityGroup(GetSecurityGroupArgs args, InvokeOptions options)
    // Output-based functions aren't available in Java yet
    
    fn::invoke:
      function: aws:ec2/getSecurityGroup:getSecurityGroup
      arguments:
        # arguments dictionary

    The following arguments are supported:

    Filters List<GetSecurityGroupFilter>
    Custom filter block as described below.
    Id string
    Id of the specific security group to retrieve.
    Name string
    Name of the field to filter by, as defined by the underlying AWS API.
    Tags Dictionary<string, string>
    Map of tags, each pair of which must exactly match a pair on the desired security group.
    VpcId string

    Id of the VPC that the desired security group belongs to.

    More complex filters can be expressed using one or more filter sub-blocks, which take the following arguments:

    Filters []GetSecurityGroupFilter
    Custom filter block as described below.
    Id string
    Id of the specific security group to retrieve.
    Name string
    Name of the field to filter by, as defined by the underlying AWS API.
    Tags map[string]string
    Map of tags, each pair of which must exactly match a pair on the desired security group.
    VpcId string

    Id of the VPC that the desired security group belongs to.

    More complex filters can be expressed using one or more filter sub-blocks, which take the following arguments:

    filters List<GetSecurityGroupFilter>
    Custom filter block as described below.
    id String
    Id of the specific security group to retrieve.
    name String
    Name of the field to filter by, as defined by the underlying AWS API.
    tags Map<String,String>
    Map of tags, each pair of which must exactly match a pair on the desired security group.
    vpcId String

    Id of the VPC that the desired security group belongs to.

    More complex filters can be expressed using one or more filter sub-blocks, which take the following arguments:

    filters GetSecurityGroupFilter[]
    Custom filter block as described below.
    id string
    Id of the specific security group to retrieve.
    name string
    Name of the field to filter by, as defined by the underlying AWS API.
    tags {[key: string]: string}
    Map of tags, each pair of which must exactly match a pair on the desired security group.
    vpcId string

    Id of the VPC that the desired security group belongs to.

    More complex filters can be expressed using one or more filter sub-blocks, which take the following arguments:

    filters Sequence[GetSecurityGroupFilter]
    Custom filter block as described below.
    id str
    Id of the specific security group to retrieve.
    name str
    Name of the field to filter by, as defined by the underlying AWS API.
    tags Mapping[str, str]
    Map of tags, each pair of which must exactly match a pair on the desired security group.
    vpc_id str

    Id of the VPC that the desired security group belongs to.

    More complex filters can be expressed using one or more filter sub-blocks, which take the following arguments:

    filters List<Property Map>
    Custom filter block as described below.
    id String
    Id of the specific security group to retrieve.
    name String
    Name of the field to filter by, as defined by the underlying AWS API.
    tags Map<String>
    Map of tags, each pair of which must exactly match a pair on the desired security group.
    vpcId String

    Id of the VPC that the desired security group belongs to.

    More complex filters can be expressed using one or more filter sub-blocks, which take the following arguments:

    getSecurityGroup Result

    The following output properties are available:

    Arn string
    Computed ARN of the security group.
    Description string
    Description of the security group.
    Id string
    Name string
    Tags Dictionary<string, string>
    VpcId string
    Filters List<GetSecurityGroupFilter>
    Arn string
    Computed ARN of the security group.
    Description string
    Description of the security group.
    Id string
    Name string
    Tags map[string]string
    VpcId string
    Filters []GetSecurityGroupFilter
    arn String
    Computed ARN of the security group.
    description String
    Description of the security group.
    id String
    name String
    tags Map<String,String>
    vpcId String
    filters List<GetSecurityGroupFilter>
    arn string
    Computed ARN of the security group.
    description string
    Description of the security group.
    id string
    name string
    tags {[key: string]: string}
    vpcId string
    filters GetSecurityGroupFilter[]
    arn str
    Computed ARN of the security group.
    description str
    Description of the security group.
    id str
    name str
    tags Mapping[str, str]
    vpc_id str
    filters Sequence[GetSecurityGroupFilter]
    arn String
    Computed ARN of the security group.
    description String
    Description of the security group.
    id String
    name String
    tags Map<String>
    vpcId String
    filters List<Property Map>

    Supporting Types

    GetSecurityGroupFilter

    Name string
    Name of the field to filter by, as defined by the underlying AWS API.
    Values List<string>
    Set of values that are accepted for the given field. A Security Group will be selected if any one of the given values matches.
    Name string
    Name of the field to filter by, as defined by the underlying AWS API.
    Values []string
    Set of values that are accepted for the given field. A Security Group will be selected if any one of the given values matches.
    name String
    Name of the field to filter by, as defined by the underlying AWS API.
    values List<String>
    Set of values that are accepted for the given field. A Security Group will be selected if any one of the given values matches.
    name string
    Name of the field to filter by, as defined by the underlying AWS API.
    values string[]
    Set of values that are accepted for the given field. A Security Group will be selected if any one of the given values matches.
    name str
    Name of the field to filter by, as defined by the underlying AWS API.
    values Sequence[str]
    Set of values that are accepted for the given field. A Security Group will be selected if any one of the given values matches.
    name String
    Name of the field to filter by, as defined by the underlying AWS API.
    values List<String>
    Set of values that are accepted for the given field. A Security Group will be selected if any one of the given values matches.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.27.0 published on Monday, Mar 18, 2024 by Pulumi