Docs
PackagesTry AWS Native preview for resources not in the classic version.
AWS Classic v6.2.1 published on Friday, Sep 22, 2023 by Pulumi
aws.ec2.NetworkInterfaceSecurityGroupAttachment
Explore with Pulumi AI
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.2.1 published on Friday, Sep 22, 2023 by Pulumi
This resource attaches a security group to an Elastic Network Interface (ENI). It can be used to attach a security group to any existing ENI, be it a secondary ENI or one attached as the primary interface on an instance.
NOTE on instances, interfaces, and security groups: This provider currently provides the capability to assign security groups via the [
aws.ec2.Instance][1] and the [aws.ec2.NetworkInterface][2] resources. Using this resource in conjunction with security groups provided in-line in those resources will cause conflicts, and will lead to spurious diffs and undefined behavior - please use one or the other.
Example Usage
The following provides a very basic example of setting up an instance (provided
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var ami = Aws.Ec2.GetAmi.Invoke(new()
{
MostRecent = true,
Filters = new[]
{
new Aws.Ec2.Inputs.GetAmiFilterInputArgs
{
Name = "name",
Values = new[]
{
"amzn-ami-hvm-*",
},
},
},
Owners = new[]
{
"amazon",
},
});
var instance = new Aws.Ec2.Instance("instance", new()
{
InstanceType = "t2.micro",
Ami = ami.Apply(getAmiResult => getAmiResult.Id),
Tags =
{
{ "type", "test-instance" },
},
});
var sg = new Aws.Ec2.SecurityGroup("sg", new()
{
Tags =
{
{ "type", "test-security-group" },
},
});
var sgAttachment = new Aws.Ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment", new()
{
SecurityGroupId = sg.Id,
NetworkInterfaceId = instance.PrimaryNetworkInterfaceId,
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
ami, err := ec2.LookupAmi(ctx, &ec2.LookupAmiArgs{
MostRecent: pulumi.BoolRef(true),
Filters: []ec2.GetAmiFilter{
{
Name: "name",
Values: []string{
"amzn-ami-hvm-*",
},
},
},
Owners: []string{
"amazon",
},
}, nil)
if err != nil {
return err
}
instance, err := ec2.NewInstance(ctx, "instance", &ec2.InstanceArgs{
InstanceType: pulumi.String("t2.micro"),
Ami: *pulumi.String(ami.Id),
Tags: pulumi.StringMap{
"type": pulumi.String("test-instance"),
},
})
if err != nil {
return err
}
sg, err := ec2.NewSecurityGroup(ctx, "sg", &ec2.SecurityGroupArgs{
Tags: pulumi.StringMap{
"type": pulumi.String("test-security-group"),
},
})
if err != nil {
return err
}
_, err = ec2.NewNetworkInterfaceSecurityGroupAttachment(ctx, "sgAttachment", &ec2.NetworkInterfaceSecurityGroupAttachmentArgs{
SecurityGroupId: sg.ID(),
NetworkInterfaceId: instance.PrimaryNetworkInterfaceId,
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetAmiArgs;
import com.pulumi.aws.ec2.Instance;
import com.pulumi.aws.ec2.InstanceArgs;
import com.pulumi.aws.ec2.SecurityGroup;
import com.pulumi.aws.ec2.SecurityGroupArgs;
import com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachment;
import com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var ami = Ec2Functions.getAmi(GetAmiArgs.builder()
.mostRecent(true)
.filters(GetAmiFilterArgs.builder()
.name("name")
.values("amzn-ami-hvm-*")
.build())
.owners("amazon")
.build());
var instance = new Instance("instance", InstanceArgs.builder()
.instanceType("t2.micro")
.ami(ami.applyValue(getAmiResult -> getAmiResult.id()))
.tags(Map.of("type", "test-instance"))
.build());
var sg = new SecurityGroup("sg", SecurityGroupArgs.builder()
.tags(Map.of("type", "test-security-group"))
.build());
var sgAttachment = new NetworkInterfaceSecurityGroupAttachment("sgAttachment", NetworkInterfaceSecurityGroupAttachmentArgs.builder()
.securityGroupId(sg.id())
.networkInterfaceId(instance.primaryNetworkInterfaceId())
.build());
}
}
import pulumi
import pulumi_aws as aws
ami = aws.ec2.get_ami(most_recent=True,
filters=[aws.ec2.GetAmiFilterArgs(
name="name",
values=["amzn-ami-hvm-*"],
)],
owners=["amazon"])
instance = aws.ec2.Instance("instance",
instance_type="t2.micro",
ami=ami.id,
tags={
"type": "test-instance",
})
sg = aws.ec2.SecurityGroup("sg", tags={
"type": "test-security-group",
})
sg_attachment = aws.ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment",
security_group_id=sg.id,
network_interface_id=instance.primary_network_interface_id)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const ami = aws.ec2.getAmi({
mostRecent: true,
filters: [{
name: "name",
values: ["amzn-ami-hvm-*"],
}],
owners: ["amazon"],
});
const instance = new aws.ec2.Instance("instance", {
instanceType: "t2.micro",
ami: ami.then(ami => ami.id),
tags: {
type: "test-instance",
},
});
const sg = new aws.ec2.SecurityGroup("sg", {tags: {
type: "test-security-group",
}});
const sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment", {
securityGroupId: sg.id,
networkInterfaceId: instance.primaryNetworkInterfaceId,
});
resources:
instance:
type: aws:ec2:Instance
properties:
instanceType: t2.micro
ami: ${ami.id}
tags:
type: test-instance
sg:
type: aws:ec2:SecurityGroup
properties:
tags:
type: test-security-group
sgAttachment:
type: aws:ec2:NetworkInterfaceSecurityGroupAttachment
properties:
securityGroupId: ${sg.id}
networkInterfaceId: ${instance.primaryNetworkInterfaceId}
variables:
ami:
fn::invoke:
Function: aws:ec2:getAmi
Arguments:
mostRecent: true
filters:
- name: name
values:
- amzn-ami-hvm-*
owners:
- amazon
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var instance = Aws.Ec2.GetInstance.Invoke(new()
{
InstanceId = "i-1234567890abcdef0",
});
var sg = new Aws.Ec2.SecurityGroup("sg", new()
{
Tags =
{
{ "type", "test-security-group" },
},
});
var sgAttachment = new Aws.Ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment", new()
{
SecurityGroupId = sg.Id,
NetworkInterfaceId = instance.Apply(getInstanceResult => getInstanceResult.NetworkInterfaceId),
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
instance, err := ec2.LookupInstance(ctx, &ec2.LookupInstanceArgs{
InstanceId: pulumi.StringRef("i-1234567890abcdef0"),
}, nil)
if err != nil {
return err
}
sg, err := ec2.NewSecurityGroup(ctx, "sg", &ec2.SecurityGroupArgs{
Tags: pulumi.StringMap{
"type": pulumi.String("test-security-group"),
},
})
if err != nil {
return err
}
_, err = ec2.NewNetworkInterfaceSecurityGroupAttachment(ctx, "sgAttachment", &ec2.NetworkInterfaceSecurityGroupAttachmentArgs{
SecurityGroupId: sg.ID(),
NetworkInterfaceId: *pulumi.String(instance.NetworkInterfaceId),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Ec2Functions;
import com.pulumi.aws.ec2.inputs.GetInstanceArgs;
import com.pulumi.aws.ec2.SecurityGroup;
import com.pulumi.aws.ec2.SecurityGroupArgs;
import com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachment;
import com.pulumi.aws.ec2.NetworkInterfaceSecurityGroupAttachmentArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var instance = Ec2Functions.getInstance(GetInstanceArgs.builder()
.instanceId("i-1234567890abcdef0")
.build());
var sg = new SecurityGroup("sg", SecurityGroupArgs.builder()
.tags(Map.of("type", "test-security-group"))
.build());
var sgAttachment = new NetworkInterfaceSecurityGroupAttachment("sgAttachment", NetworkInterfaceSecurityGroupAttachmentArgs.builder()
.securityGroupId(sg.id())
.networkInterfaceId(instance.applyValue(getInstanceResult -> getInstanceResult.networkInterfaceId()))
.build());
}
}
import pulumi
import pulumi_aws as aws
instance = aws.ec2.get_instance(instance_id="i-1234567890abcdef0")
sg = aws.ec2.SecurityGroup("sg", tags={
"type": "test-security-group",
})
sg_attachment = aws.ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment",
security_group_id=sg.id,
network_interface_id=instance.network_interface_id)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const instance = aws.ec2.getInstance({
instanceId: "i-1234567890abcdef0",
});
const sg = new aws.ec2.SecurityGroup("sg", {tags: {
type: "test-security-group",
}});
const sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment", {
securityGroupId: sg.id,
networkInterfaceId: instance.then(instance => instance.networkInterfaceId),
});
resources:
sg:
type: aws:ec2:SecurityGroup
properties:
tags:
type: test-security-group
sgAttachment:
type: aws:ec2:NetworkInterfaceSecurityGroupAttachment
properties:
securityGroupId: ${sg.id}
networkInterfaceId: ${instance.networkInterfaceId}
variables:
instance:
fn::invoke:
Function: aws:ec2:getInstance
Arguments:
instanceId: i-1234567890abcdef0
Create NetworkInterfaceSecurityGroupAttachment Resource
new NetworkInterfaceSecurityGroupAttachment(name: string, args: NetworkInterfaceSecurityGroupAttachmentArgs, opts?: CustomResourceOptions);@overload
def NetworkInterfaceSecurityGroupAttachment(resource_name: str,
opts: Optional[ResourceOptions] = None,
network_interface_id: Optional[str] = None,
security_group_id: Optional[str] = None)
@overload
def NetworkInterfaceSecurityGroupAttachment(resource_name: str,
args: NetworkInterfaceSecurityGroupAttachmentArgs,
opts: Optional[ResourceOptions] = None)func NewNetworkInterfaceSecurityGroupAttachment(ctx *Context, name string, args NetworkInterfaceSecurityGroupAttachmentArgs, opts ...ResourceOption) (*NetworkInterfaceSecurityGroupAttachment, error)public NetworkInterfaceSecurityGroupAttachment(string name, NetworkInterfaceSecurityGroupAttachmentArgs args, CustomResourceOptions? opts = null)
public NetworkInterfaceSecurityGroupAttachment(String name, NetworkInterfaceSecurityGroupAttachmentArgs args)
public NetworkInterfaceSecurityGroupAttachment(String name, NetworkInterfaceSecurityGroupAttachmentArgs args, CustomResourceOptions options)
type: aws:ec2:NetworkInterfaceSecurityGroupAttachment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NetworkInterfaceSecurityGroupAttachmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args NetworkInterfaceSecurityGroupAttachmentArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args NetworkInterfaceSecurityGroupAttachmentArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args NetworkInterfaceSecurityGroupAttachmentArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args NetworkInterfaceSecurityGroupAttachmentArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
NetworkInterfaceSecurityGroupAttachment Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The NetworkInterfaceSecurityGroupAttachment resource accepts the following input properties:
- Network
Interface stringId The ID of the network interface to attach to.
- Security
Group stringId The ID of the security group.
- Network
Interface stringId The ID of the network interface to attach to.
- Security
Group stringId The ID of the security group.
- network
Interface StringId The ID of the network interface to attach to.
- security
Group StringId The ID of the security group.
- network
Interface stringId The ID of the network interface to attach to.
- security
Group stringId The ID of the security group.
- network_
interface_ strid The ID of the network interface to attach to.
- security_
group_ strid The ID of the security group.
- network
Interface StringId The ID of the network interface to attach to.
- security
Group StringId The ID of the security group.
Outputs
All input properties are implicitly available as output properties. Additionally, the NetworkInterfaceSecurityGroupAttachment resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing NetworkInterfaceSecurityGroupAttachment Resource
Get an existing NetworkInterfaceSecurityGroupAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: NetworkInterfaceSecurityGroupAttachmentState, opts?: CustomResourceOptions): NetworkInterfaceSecurityGroupAttachment@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
network_interface_id: Optional[str] = None,
security_group_id: Optional[str] = None) -> NetworkInterfaceSecurityGroupAttachmentfunc GetNetworkInterfaceSecurityGroupAttachment(ctx *Context, name string, id IDInput, state *NetworkInterfaceSecurityGroupAttachmentState, opts ...ResourceOption) (*NetworkInterfaceSecurityGroupAttachment, error)public static NetworkInterfaceSecurityGroupAttachment Get(string name, Input<string> id, NetworkInterfaceSecurityGroupAttachmentState? state, CustomResourceOptions? opts = null)public static NetworkInterfaceSecurityGroupAttachment get(String name, Output<String> id, NetworkInterfaceSecurityGroupAttachmentState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Network
Interface stringId The ID of the network interface to attach to.
- Security
Group stringId The ID of the security group.
- Network
Interface stringId The ID of the network interface to attach to.
- Security
Group stringId The ID of the security group.
- network
Interface StringId The ID of the network interface to attach to.
- security
Group StringId The ID of the security group.
- network
Interface stringId The ID of the network interface to attach to.
- security
Group stringId The ID of the security group.
- network_
interface_ strid The ID of the network interface to attach to.
- security_
group_ strid The ID of the security group.
- network
Interface StringId The ID of the network interface to attach to.
- security
Group StringId The ID of the security group.
Import
Using pulumi import, import Network Interface Security Group attachments using the associated network interface ID and security group ID, separated by an underscore (_). For example:
$ pulumi import aws:ec2/networkInterfaceSecurityGroupAttachment:NetworkInterfaceSecurityGroupAttachment sg_attachment eni-1234567890abcdef0_sg-1234567890abcdef0
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.
Try AWS Native preview for resources not in the classic version.
AWS Classic v6.2.1 published on Friday, Sep 22, 2023 by Pulumi