Docs Home
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm.IsSecurityGroupRule
Explore with Pulumi AI
Create, update, or delete a security group rule. When you want to create a security group and security group rule for a virtual server instance in your VPC, you must create these resources in a specific order to avoid errors during the creation of your virtual server instance. For more information, about security group rule, see security in your VPC.
Note:
VPC infrastructure services are a regional specific based endpoint, by default targets to us-south. Please make sure to target right region in the provider block as shown in the provider.tf file, if VPC service is created in region other than us-south.
provider.tf
import * as pulumi from "@pulumi/pulumi";
import pulumi
package main
import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
return await Deployment.RunAsync(() =>
{
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
}
}
{}
Example Usage
In the following example, you create a different type of protocol rules ALL, ICMP, UDP, TCP and ANY.
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const exampleIsVpc = new ibm.IsVpc("exampleIsVpc", {});
const exampleIsSecurityGroup = new ibm.IsSecurityGroup("exampleIsSecurityGroup", {vpc: exampleIsVpc.isVpcId});
const exampleIsSecurityGroupRule = new ibm.IsSecurityGroupRule("exampleIsSecurityGroupRule", {
group: exampleIsSecurityGroup.isSecurityGroupId,
direction: "inbound",
remote: "127.0.0.1",
});
const example1 = new ibm.IsSecurityGroupRule("example1", {
group: exampleIsSecurityGroup.isSecurityGroupId,
direction: "inbound",
remote: "127.0.0.1",
icmp: {
code: 20,
type: 30,
},
});
const example2 = new ibm.IsSecurityGroupRule("example2", {
group: exampleIsSecurityGroup.isSecurityGroupId,
direction: "inbound",
remote: "127.0.0.1",
udp: {
portMin: 805,
portMax: 807,
},
});
const example3 = new ibm.IsSecurityGroupRule("example3", {
group: exampleIsSecurityGroup.isSecurityGroupId,
direction: "egress",
remote: "127.0.0.1",
tcp: {
portMin: 8080,
portMax: 8080,
},
});
const exampleSecurityGroupRuleIcmpAny = new ibm.IsSecurityGroupRule("exampleSecurityGroupRuleIcmpAny", {
group: ibm_is_security_group.example_security_group.id,
direction: "inbound",
remote: "127.0.0.1",
icmp: {},
});
const exampleSecurityGroupRuleUdpAny = new ibm.IsSecurityGroupRule("exampleSecurityGroupRuleUdpAny", {
group: ibm_is_security_group.example_security_group.id,
direction: "inbound",
remote: "127.0.0.1",
udp: {},
});
const exampleSecurityGroupRuleTcpAny = new ibm.IsSecurityGroupRule("exampleSecurityGroupRuleTcpAny", {
group: ibm_is_security_group.example_security_group.id,
direction: "inbound",
remote: "127.0.0.1",
tcp: {},
});
import pulumi
import pulumi_ibm as ibm
example_is_vpc = ibm.IsVpc("exampleIsVpc")
example_is_security_group = ibm.IsSecurityGroup("exampleIsSecurityGroup", vpc=example_is_vpc.is_vpc_id)
example_is_security_group_rule = ibm.IsSecurityGroupRule("exampleIsSecurityGroupRule",
group=example_is_security_group.is_security_group_id,
direction="inbound",
remote="127.0.0.1")
example1 = ibm.IsSecurityGroupRule("example1",
group=example_is_security_group.is_security_group_id,
direction="inbound",
remote="127.0.0.1",
icmp={
"code": 20,
"type": 30,
})
example2 = ibm.IsSecurityGroupRule("example2",
group=example_is_security_group.is_security_group_id,
direction="inbound",
remote="127.0.0.1",
udp={
"port_min": 805,
"port_max": 807,
})
example3 = ibm.IsSecurityGroupRule("example3",
group=example_is_security_group.is_security_group_id,
direction="egress",
remote="127.0.0.1",
tcp={
"port_min": 8080,
"port_max": 8080,
})
example_security_group_rule_icmp_any = ibm.IsSecurityGroupRule("exampleSecurityGroupRuleIcmpAny",
group=ibm_is_security_group["example_security_group"]["id"],
direction="inbound",
remote="127.0.0.1",
icmp={})
example_security_group_rule_udp_any = ibm.IsSecurityGroupRule("exampleSecurityGroupRuleUdpAny",
group=ibm_is_security_group["example_security_group"]["id"],
direction="inbound",
remote="127.0.0.1",
udp={})
example_security_group_rule_tcp_any = ibm.IsSecurityGroupRule("exampleSecurityGroupRuleTcpAny",
group=ibm_is_security_group["example_security_group"]["id"],
direction="inbound",
remote="127.0.0.1",
tcp={})
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleIsVpc, err := ibm.NewIsVpc(ctx, "exampleIsVpc", nil)
if err != nil {
return err
}
exampleIsSecurityGroup, err := ibm.NewIsSecurityGroup(ctx, "exampleIsSecurityGroup", &ibm.IsSecurityGroupArgs{
Vpc: exampleIsVpc.IsVpcId,
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "exampleIsSecurityGroupRule", &ibm.IsSecurityGroupRuleArgs{
Group: exampleIsSecurityGroup.IsSecurityGroupId,
Direction: pulumi.String("inbound"),
Remote: pulumi.String("127.0.0.1"),
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "example1", &ibm.IsSecurityGroupRuleArgs{
Group: exampleIsSecurityGroup.IsSecurityGroupId,
Direction: pulumi.String("inbound"),
Remote: pulumi.String("127.0.0.1"),
Icmp: &ibm.IsSecurityGroupRuleIcmpArgs{
Code: pulumi.Float64(20),
Type: pulumi.Float64(30),
},
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "example2", &ibm.IsSecurityGroupRuleArgs{
Group: exampleIsSecurityGroup.IsSecurityGroupId,
Direction: pulumi.String("inbound"),
Remote: pulumi.String("127.0.0.1"),
Udp: &ibm.IsSecurityGroupRuleUdpArgs{
PortMin: pulumi.Float64(805),
PortMax: pulumi.Float64(807),
},
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "example3", &ibm.IsSecurityGroupRuleArgs{
Group: exampleIsSecurityGroup.IsSecurityGroupId,
Direction: pulumi.String("egress"),
Remote: pulumi.String("127.0.0.1"),
Tcp: &ibm.IsSecurityGroupRuleTcpArgs{
PortMin: pulumi.Float64(8080),
PortMax: pulumi.Float64(8080),
},
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "exampleSecurityGroupRuleIcmpAny", &ibm.IsSecurityGroupRuleArgs{
Group: pulumi.Any(ibm_is_security_group.Example_security_group.Id),
Direction: pulumi.String("inbound"),
Remote: pulumi.String("127.0.0.1"),
Icmp: &ibm.IsSecurityGroupRuleIcmpArgs{},
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "exampleSecurityGroupRuleUdpAny", &ibm.IsSecurityGroupRuleArgs{
Group: pulumi.Any(ibm_is_security_group.Example_security_group.Id),
Direction: pulumi.String("inbound"),
Remote: pulumi.String("127.0.0.1"),
Udp: &ibm.IsSecurityGroupRuleUdpArgs{},
})
if err != nil {
return err
}
_, err = ibm.NewIsSecurityGroupRule(ctx, "exampleSecurityGroupRuleTcpAny", &ibm.IsSecurityGroupRuleArgs{
Group: pulumi.Any(ibm_is_security_group.Example_security_group.Id),
Direction: pulumi.String("inbound"),
Remote: pulumi.String("127.0.0.1"),
Tcp: &ibm.IsSecurityGroupRuleTcpArgs{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var exampleIsVpc = new Ibm.IsVpc("exampleIsVpc");
var exampleIsSecurityGroup = new Ibm.IsSecurityGroup("exampleIsSecurityGroup", new()
{
Vpc = exampleIsVpc.IsVpcId,
});
var exampleIsSecurityGroupRule = new Ibm.IsSecurityGroupRule("exampleIsSecurityGroupRule", new()
{
Group = exampleIsSecurityGroup.IsSecurityGroupId,
Direction = "inbound",
Remote = "127.0.0.1",
});
var example1 = new Ibm.IsSecurityGroupRule("example1", new()
{
Group = exampleIsSecurityGroup.IsSecurityGroupId,
Direction = "inbound",
Remote = "127.0.0.1",
Icmp = new Ibm.Inputs.IsSecurityGroupRuleIcmpArgs
{
Code = 20,
Type = 30,
},
});
var example2 = new Ibm.IsSecurityGroupRule("example2", new()
{
Group = exampleIsSecurityGroup.IsSecurityGroupId,
Direction = "inbound",
Remote = "127.0.0.1",
Udp = new Ibm.Inputs.IsSecurityGroupRuleUdpArgs
{
PortMin = 805,
PortMax = 807,
},
});
var example3 = new Ibm.IsSecurityGroupRule("example3", new()
{
Group = exampleIsSecurityGroup.IsSecurityGroupId,
Direction = "egress",
Remote = "127.0.0.1",
Tcp = new Ibm.Inputs.IsSecurityGroupRuleTcpArgs
{
PortMin = 8080,
PortMax = 8080,
},
});
var exampleSecurityGroupRuleIcmpAny = new Ibm.IsSecurityGroupRule("exampleSecurityGroupRuleIcmpAny", new()
{
Group = ibm_is_security_group.Example_security_group.Id,
Direction = "inbound",
Remote = "127.0.0.1",
Icmp = null,
});
var exampleSecurityGroupRuleUdpAny = new Ibm.IsSecurityGroupRule("exampleSecurityGroupRuleUdpAny", new()
{
Group = ibm_is_security_group.Example_security_group.Id,
Direction = "inbound",
Remote = "127.0.0.1",
Udp = null,
});
var exampleSecurityGroupRuleTcpAny = new Ibm.IsSecurityGroupRule("exampleSecurityGroupRuleTcpAny", new()
{
Group = ibm_is_security_group.Example_security_group.Id,
Direction = "inbound",
Remote = "127.0.0.1",
Tcp = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.IsVpc;
import com.pulumi.ibm.IsSecurityGroup;
import com.pulumi.ibm.IsSecurityGroupArgs;
import com.pulumi.ibm.IsSecurityGroupRule;
import com.pulumi.ibm.IsSecurityGroupRuleArgs;
import com.pulumi.ibm.inputs.IsSecurityGroupRuleIcmpArgs;
import com.pulumi.ibm.inputs.IsSecurityGroupRuleUdpArgs;
import com.pulumi.ibm.inputs.IsSecurityGroupRuleTcpArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleIsVpc = new IsVpc("exampleIsVpc");
var exampleIsSecurityGroup = new IsSecurityGroup("exampleIsSecurityGroup", IsSecurityGroupArgs.builder()
.vpc(exampleIsVpc.isVpcId())
.build());
var exampleIsSecurityGroupRule = new IsSecurityGroupRule("exampleIsSecurityGroupRule", IsSecurityGroupRuleArgs.builder()
.group(exampleIsSecurityGroup.isSecurityGroupId())
.direction("inbound")
.remote("127.0.0.1")
.build());
var example1 = new IsSecurityGroupRule("example1", IsSecurityGroupRuleArgs.builder()
.group(exampleIsSecurityGroup.isSecurityGroupId())
.direction("inbound")
.remote("127.0.0.1")
.icmp(IsSecurityGroupRuleIcmpArgs.builder()
.code(20)
.type(30)
.build())
.build());
var example2 = new IsSecurityGroupRule("example2", IsSecurityGroupRuleArgs.builder()
.group(exampleIsSecurityGroup.isSecurityGroupId())
.direction("inbound")
.remote("127.0.0.1")
.udp(IsSecurityGroupRuleUdpArgs.builder()
.portMin(805)
.portMax(807)
.build())
.build());
var example3 = new IsSecurityGroupRule("example3", IsSecurityGroupRuleArgs.builder()
.group(exampleIsSecurityGroup.isSecurityGroupId())
.direction("egress")
.remote("127.0.0.1")
.tcp(IsSecurityGroupRuleTcpArgs.builder()
.portMin(8080)
.portMax(8080)
.build())
.build());
var exampleSecurityGroupRuleIcmpAny = new IsSecurityGroupRule("exampleSecurityGroupRuleIcmpAny", IsSecurityGroupRuleArgs.builder()
.group(ibm_is_security_group.example_security_group().id())
.direction("inbound")
.remote("127.0.0.1")
.icmp()
.build());
var exampleSecurityGroupRuleUdpAny = new IsSecurityGroupRule("exampleSecurityGroupRuleUdpAny", IsSecurityGroupRuleArgs.builder()
.group(ibm_is_security_group.example_security_group().id())
.direction("inbound")
.remote("127.0.0.1")
.udp()
.build());
var exampleSecurityGroupRuleTcpAny = new IsSecurityGroupRule("exampleSecurityGroupRuleTcpAny", IsSecurityGroupRuleArgs.builder()
.group(ibm_is_security_group.example_security_group().id())
.direction("inbound")
.remote("127.0.0.1")
.tcp()
.build());
}
}
resources:
exampleIsVpc:
type: ibm:IsVpc
exampleIsSecurityGroup:
type: ibm:IsSecurityGroup
properties:
vpc: ${exampleIsVpc.isVpcId}
exampleIsSecurityGroupRule:
type: ibm:IsSecurityGroupRule
properties:
group: ${exampleIsSecurityGroup.isSecurityGroupId}
direction: inbound
remote: 127.0.0.1
example1:
type: ibm:IsSecurityGroupRule
properties:
group: ${exampleIsSecurityGroup.isSecurityGroupId}
direction: inbound
remote: 127.0.0.1
icmp:
code: 20
type: 30
example2:
type: ibm:IsSecurityGroupRule
properties:
group: ${exampleIsSecurityGroup.isSecurityGroupId}
direction: inbound
remote: 127.0.0.1
udp:
portMin: 805
portMax: 807
example3:
type: ibm:IsSecurityGroupRule
properties:
group: ${exampleIsSecurityGroup.isSecurityGroupId}
direction: egress
remote: 127.0.0.1
tcp:
portMin: 8080
portMax: 8080
exampleSecurityGroupRuleIcmpAny:
type: ibm:IsSecurityGroupRule
properties:
group: ${ibm_is_security_group.example_security_group.id}
direction: inbound
remote: 127.0.0.1
icmp: {}
exampleSecurityGroupRuleUdpAny:
type: ibm:IsSecurityGroupRule
properties:
group: ${ibm_is_security_group.example_security_group.id}
direction: inbound
remote: 127.0.0.1
udp: {}
exampleSecurityGroupRuleTcpAny:
type: ibm:IsSecurityGroupRule
properties:
group: ${ibm_is_security_group.example_security_group.id}
direction: inbound
remote: 127.0.0.1
tcp: {}
Create IsSecurityGroupRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IsSecurityGroupRule(name: string, args: IsSecurityGroupRuleArgs, opts?: CustomResourceOptions);@overload
def IsSecurityGroupRule(resource_name: str,
args: IsSecurityGroupRuleInitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IsSecurityGroupRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
direction: Optional[str] = None,
group: Optional[str] = None,
icmp: Optional[IsSecurityGroupRuleIcmpArgs] = None,
ip_version: Optional[str] = None,
is_security_group_rule_id: Optional[str] = None,
local: Optional[str] = None,
remote: Optional[str] = None,
tcp: Optional[IsSecurityGroupRuleTcpArgs] = None,
udp: Optional[IsSecurityGroupRuleUdpArgs] = None)func NewIsSecurityGroupRule(ctx *Context, name string, args IsSecurityGroupRuleArgs, opts ...ResourceOption) (*IsSecurityGroupRule, error)public IsSecurityGroupRule(string name, IsSecurityGroupRuleArgs args, CustomResourceOptions? opts = null)
public IsSecurityGroupRule(String name, IsSecurityGroupRuleArgs args)
public IsSecurityGroupRule(String name, IsSecurityGroupRuleArgs args, CustomResourceOptions options)
type: ibm:IsSecurityGroupRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IsSecurityGroupRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IsSecurityGroupRuleInitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IsSecurityGroupRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IsSecurityGroupRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IsSecurityGroupRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var isSecurityGroupRuleResource = new Ibm.IsSecurityGroupRule("isSecurityGroupRuleResource", new()
{
Direction = "string",
Group = "string",
Icmp = new Ibm.Inputs.IsSecurityGroupRuleIcmpArgs
{
Code = 0,
Type = 0,
},
IpVersion = "string",
IsSecurityGroupRuleId = "string",
Local = "string",
Remote = "string",
Tcp = new Ibm.Inputs.IsSecurityGroupRuleTcpArgs
{
PortMax = 0,
PortMin = 0,
},
Udp = new Ibm.Inputs.IsSecurityGroupRuleUdpArgs
{
PortMax = 0,
PortMin = 0,
},
});
example, err := ibm.NewIsSecurityGroupRule(ctx, "isSecurityGroupRuleResource", &ibm.IsSecurityGroupRuleArgs{
Direction: pulumi.String("string"),
Group: pulumi.String("string"),
Icmp: &ibm.IsSecurityGroupRuleIcmpArgs{
Code: pulumi.Float64(0),
Type: pulumi.Float64(0),
},
IpVersion: pulumi.String("string"),
IsSecurityGroupRuleId: pulumi.String("string"),
Local: pulumi.String("string"),
Remote: pulumi.String("string"),
Tcp: &ibm.IsSecurityGroupRuleTcpArgs{
PortMax: pulumi.Float64(0),
PortMin: pulumi.Float64(0),
},
Udp: &ibm.IsSecurityGroupRuleUdpArgs{
PortMax: pulumi.Float64(0),
PortMin: pulumi.Float64(0),
},
})
var isSecurityGroupRuleResource = new IsSecurityGroupRule("isSecurityGroupRuleResource", IsSecurityGroupRuleArgs.builder()
.direction("string")
.group("string")
.icmp(IsSecurityGroupRuleIcmpArgs.builder()
.code(0)
.type(0)
.build())
.ipVersion("string")
.isSecurityGroupRuleId("string")
.local("string")
.remote("string")
.tcp(IsSecurityGroupRuleTcpArgs.builder()
.portMax(0)
.portMin(0)
.build())
.udp(IsSecurityGroupRuleUdpArgs.builder()
.portMax(0)
.portMin(0)
.build())
.build());
is_security_group_rule_resource = ibm.IsSecurityGroupRule("isSecurityGroupRuleResource",
direction="string",
group="string",
icmp={
"code": 0,
"type": 0,
},
ip_version="string",
is_security_group_rule_id="string",
local="string",
remote="string",
tcp={
"port_max": 0,
"port_min": 0,
},
udp={
"port_max": 0,
"port_min": 0,
})
const isSecurityGroupRuleResource = new ibm.IsSecurityGroupRule("isSecurityGroupRuleResource", {
direction: "string",
group: "string",
icmp: {
code: 0,
type: 0,
},
ipVersion: "string",
isSecurityGroupRuleId: "string",
local: "string",
remote: "string",
tcp: {
portMax: 0,
portMin: 0,
},
udp: {
portMax: 0,
portMin: 0,
},
});
type: ibm:IsSecurityGroupRule
properties:
direction: string
group: string
icmp:
code: 0
type: 0
ipVersion: string
isSecurityGroupRuleId: string
local: string
remote: string
tcp:
portMax: 0
portMin: 0
udp:
portMax: 0
portMin: 0
IsSecurityGroupRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IsSecurityGroupRule resource accepts the following input properties:
- Direction string
- The direction of the traffic either
inboundoroutbound. - Group string
- The security group ID.
- Icmp
Is
Security Group Rule Icmp A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- Ip
Version string - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - Is
Security stringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - Local string
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - Remote string
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- Tcp
Is
Security Group Rule Tcp A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- Udp
Is
Security Group Rule Udp A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- Direction string
- The direction of the traffic either
inboundoroutbound. - Group string
- The security group ID.
- Icmp
Is
Security Group Rule Icmp Args A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- Ip
Version string - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - Is
Security stringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - Local string
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - Remote string
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- Tcp
Is
Security Group Rule Tcp Args A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- Udp
Is
Security Group Rule Udp Args A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction String
- The direction of the traffic either
inboundoroutbound. - group String
- The security group ID.
- icmp
Is
Security Group Rule Icmp A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip
Version String - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is
Security StringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local String
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - remote String
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- tcp
Is
Security Group Rule Tcp A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp
Is
Security Group Rule Udp A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction string
- The direction of the traffic either
inboundoroutbound. - group string
- The security group ID.
- icmp
Is
Security Group Rule Icmp A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip
Version string - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is
Security stringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local string
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - remote string
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- tcp
Is
Security Group Rule Tcp A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp
Is
Security Group Rule Udp A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction str
- The direction of the traffic either
inboundoroutbound. - group str
- The security group ID.
- icmp
Is
Security Group Rule Icmp Args A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip_
version str - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is_
security_ strgroup_ rule_ id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local str
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - remote str
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- tcp
Is
Security Group Rule Tcp Args A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp
Is
Security Group Rule Udp Args A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction String
- The direction of the traffic either
inboundoroutbound. - group String
- The security group ID.
- icmp Property Map
A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip
Version String - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is
Security StringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local String
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - remote String
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- tcp Property Map
A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp Property Map
A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
Outputs
All input properties are implicitly available as output properties. Additionally, the IsSecurityGroupRule resource produces the following output properties:
Look up Existing IsSecurityGroupRule Resource
Get an existing IsSecurityGroupRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IsSecurityGroupRuleState, opts?: CustomResourceOptions): IsSecurityGroupRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
direction: Optional[str] = None,
group: Optional[str] = None,
icmp: Optional[IsSecurityGroupRuleIcmpArgs] = None,
ip_version: Optional[str] = None,
is_security_group_rule_id: Optional[str] = None,
local: Optional[str] = None,
protocol: Optional[str] = None,
related_crn: Optional[str] = None,
remote: Optional[str] = None,
rule_id: Optional[str] = None,
tcp: Optional[IsSecurityGroupRuleTcpArgs] = None,
udp: Optional[IsSecurityGroupRuleUdpArgs] = None) -> IsSecurityGroupRulefunc GetIsSecurityGroupRule(ctx *Context, name string, id IDInput, state *IsSecurityGroupRuleState, opts ...ResourceOption) (*IsSecurityGroupRule, error)public static IsSecurityGroupRule Get(string name, Input<string> id, IsSecurityGroupRuleState? state, CustomResourceOptions? opts = null)public static IsSecurityGroupRule get(String name, Output<String> id, IsSecurityGroupRuleState state, CustomResourceOptions options)resources: _: type: ibm:IsSecurityGroupRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Direction string
- The direction of the traffic either
inboundoroutbound. - Group string
- The security group ID.
- Icmp
Is
Security Group Rule Icmp A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- Ip
Version string - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - Is
Security stringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - Local string
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - Protocol string
- The Security Group Rule Protocol
- string
- The crn of the Security Group
- Remote string
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- Rule
Id string - (String) The unique identifier of the rule.
- Tcp
Is
Security Group Rule Tcp A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- Udp
Is
Security Group Rule Udp A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- Direction string
- The direction of the traffic either
inboundoroutbound. - Group string
- The security group ID.
- Icmp
Is
Security Group Rule Icmp Args A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- Ip
Version string - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - Is
Security stringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - Local string
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - Protocol string
- The Security Group Rule Protocol
- string
- The crn of the Security Group
- Remote string
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- Rule
Id string - (String) The unique identifier of the rule.
- Tcp
Is
Security Group Rule Tcp Args A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- Udp
Is
Security Group Rule Udp Args A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction String
- The direction of the traffic either
inboundoroutbound. - group String
- The security group ID.
- icmp
Is
Security Group Rule Icmp A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip
Version String - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is
Security StringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local String
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - protocol String
- The Security Group Rule Protocol
- String
- The crn of the Security Group
- remote String
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- rule
Id String - (String) The unique identifier of the rule.
- tcp
Is
Security Group Rule Tcp A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp
Is
Security Group Rule Udp A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction string
- The direction of the traffic either
inboundoroutbound. - group string
- The security group ID.
- icmp
Is
Security Group Rule Icmp A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip
Version string - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is
Security stringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local string
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - protocol string
- The Security Group Rule Protocol
- string
- The crn of the Security Group
- remote string
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- rule
Id string - (String) The unique identifier of the rule.
- tcp
Is
Security Group Rule Tcp A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp
Is
Security Group Rule Udp A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction str
- The direction of the traffic either
inboundoroutbound. - group str
- The security group ID.
- icmp
Is
Security Group Rule Icmp Args A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip_
version str - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is_
security_ strgroup_ rule_ id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local str
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - protocol str
- The Security Group Rule Protocol
- str
- The crn of the Security Group
- remote str
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- rule_
id str - (String) The unique identifier of the rule.
- tcp
Is
Security Group Rule Tcp Args A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp
Is
Security Group Rule Udp Args A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
- direction String
- The direction of the traffic either
inboundoroutbound. - group String
- The security group ID.
- icmp Property Map
A nested block describes the
icmpprotocol of this security group rule.Nested scheme for
icmp:- ip
Version String - The IP version to enforce. The format of local.address, remote.address, local.cidr_block or remote.cidr_block must match this property, if they are used. If remote references a security group, then this rule only applies to IP addresses (network interfaces) in that group matching this IP version. Supported value is [
ipv4]. - is
Security StringGroup Rule Id - (String) The ID of the security group rule. The ID is composed of
<security_group_id>.<security_group_rule_id>. - local String
- The local IP address or range of local IP addresses to which this rule will allow inbound traffic (or from which, for outbound traffic). A CIDR block of 0.0.0.0/0 allows traffic to all local IP addresses (or from all local IP addresses, for outbound rules). an IP address, a
CIDRblock. - protocol String
- The Security Group Rule Protocol
- String
- The crn of the Security Group
- remote String
- Security group ID, an IP address, a CIDR block, or a single security group identifier.
- rule
Id String - (String) The unique identifier of the rule.
- tcp Property Map
A nested block describes the
tcpprotocol of this security group rule.Nested scheme for
tcp:- udp Property Map
A nested block describes the
udpprotocol of this security group rule.Nested scheme for
udp:
Supporting Types
IsSecurityGroupRuleIcmp, IsSecurityGroupRuleIcmpArgs
IsSecurityGroupRuleTcp, IsSecurityGroupRuleTcpArgs
IsSecurityGroupRuleUdp, IsSecurityGroupRuleUdpArgs
Import
The ibm_is_security_group_rule resource can be imported by using security group ID and security group rule ID.
Example
$ pulumi import ibm:index/isSecurityGroupRule:IsSecurityGroupRule example d7bec597-4726-451f-8a63-e62e6f19c32c.cea6651a-bc0a-4438-9f8a-a0770bbf3ebb
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.