volcenginecc.vpc.SecurityGroup

volcenginecc v0.0.32, Apr 23 26

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Example Usage

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

resources:
  securityGroupDemo:
    type: volcenginecc:vpc:SecurityGroup
    name: SecurityGroupDemo
    properties:
      vpcId: vpc-xxxx
      securityGroupName: SecurityGroupDemo
      description: SecurityGroupDemo description
      projectName: default
      ingressPermissions:
        - description: test-rule
          policy: drop
          port_end: 1
          port_start: 1
          priority: 11
          protocol: tcp
          cidr_ip: 192.168.xx.0/26
          prefix_list_id: ""
          source_group_id: ""
      egressPermissions:
        - description: test-rule
          policy: drop
          port_end: -1
          port_start: -1
          priority: 100
          protocol: all
          cidr_ip: 192.168.xx.0/26
          prefix_list_id: list-xxx
          source_group_id: group-xxx
      tags:
        - key: env
          value: test

Create SecurityGroup Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecurityGroup(name: string, args: SecurityGroupArgs, opts?: CustomResourceOptions);

@overload
def SecurityGroup(resource_name: str,
                  args: SecurityGroupArgs,
                  opts: Optional[ResourceOptions] = None)

@overload
def SecurityGroup(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  vpc_id: Optional[str] = None,
                  description: Optional[str] = None,
                  egress_permissions: Optional[Sequence[SecurityGroupEgressPermissionArgs]] = None,
                  ingress_permissions: Optional[Sequence[SecurityGroupIngressPermissionArgs]] = None,
                  project_name: Optional[str] = None,
                  security_group_name: Optional[str] = None,
                  tags: Optional[Sequence[SecurityGroupTagArgs]] = None)

func NewSecurityGroup(ctx *Context, name string, args SecurityGroupArgs, opts ...ResourceOption) (*SecurityGroup, error)

public SecurityGroup(string name, SecurityGroupArgs args, CustomResourceOptions? opts = null)

public SecurityGroup(String name, SecurityGroupArgs args)
public SecurityGroup(String name, SecurityGroupArgs args, CustomResourceOptions options)

type: volcenginecc:vpc:SecurityGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SecurityGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SecurityGroupArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SecurityGroupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SecurityGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SecurityGroupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

SecurityGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecurityGroup resource accepts the following input properties:

VpcId string: VPC ID to which the security group belongs
Description string: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
EgressPermissions List<Volcengine.SecurityGroupEgressPermission>
IngressPermissions List<Volcengine.SecurityGroupIngressPermission>
ProjectName string: Project name to which the security group belongs. Default project is 'default' if not specified
SecurityGroupName string: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
Tags List<Volcengine.SecurityGroupTag>

VpcId string: VPC ID to which the security group belongs
Description string: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
EgressPermissions []SecurityGroupEgressPermissionArgs
IngressPermissions []SecurityGroupIngressPermissionArgs
ProjectName string: Project name to which the security group belongs. Default project is 'default' if not specified
SecurityGroupName string: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
Tags []SecurityGroupTagArgs

vpcId String: VPC ID to which the security group belongs
description String: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egressPermissions List<SecurityGroupEgressPermission>
ingressPermissions List<SecurityGroupIngressPermission>
projectName String: Project name to which the security group belongs. Default project is 'default' if not specified
securityGroupName String: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
tags List<SecurityGroupTag>

vpcId string: VPC ID to which the security group belongs
description string: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egressPermissions SecurityGroupEgressPermission[]
ingressPermissions SecurityGroupIngressPermission[]
projectName string: Project name to which the security group belongs. Default project is 'default' if not specified
securityGroupName string: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
tags SecurityGroupTag[]

vpc_id str: VPC ID to which the security group belongs
description str: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egress_permissions Sequence[SecurityGroupEgressPermissionArgs]
ingress_permissions Sequence[SecurityGroupIngressPermissionArgs]
project_name str: Project name to which the security group belongs. Default project is 'default' if not specified
security_group_name str: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
tags Sequence[SecurityGroupTagArgs]

vpcId String: VPC ID to which the security group belongs
description String: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egressPermissions List<Property Map>
ingressPermissions List<Property Map>
projectName String: Project name to which the security group belongs. Default project is 'default' if not specified
securityGroupName String: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
tags List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the SecurityGroup resource produces the following output properties:

CreationTime string: Security group creation time
Id string: The provider-assigned unique ID for this managed resource.
SecurityGroupId string: Security group ID
ServiceManaged bool: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
Status string: Security group status. Available means available for use, Creating means being created
Type string: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group

CreationTime string: Security group creation time
Id string: The provider-assigned unique ID for this managed resource.
SecurityGroupId string: Security group ID
ServiceManaged bool: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
Status string: Security group status. Available means available for use, Creating means being created
Type string: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group

creationTime String: Security group creation time
id String: The provider-assigned unique ID for this managed resource.
securityGroupId String: Security group ID
serviceManaged Boolean: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status String: Security group status. Available means available for use, Creating means being created
type String: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group

creationTime string: Security group creation time
id string: The provider-assigned unique ID for this managed resource.
securityGroupId string: Security group ID
serviceManaged boolean: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status string: Security group status. Available means available for use, Creating means being created
type string: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group

creation_time str: Security group creation time
id str: The provider-assigned unique ID for this managed resource.
security_group_id str: Security group ID
service_managed bool: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status str: Security group status. Available means available for use, Creating means being created
type str: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group

creationTime String: Security group creation time
id String: The provider-assigned unique ID for this managed resource.
securityGroupId String: Security group ID
serviceManaged Boolean: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status String: Security group status. Available means available for use, Creating means being created
type String: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group

Look up Existing SecurityGroup Resource

Get an existing SecurityGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecurityGroupState, opts?: CustomResourceOptions): SecurityGroup

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        creation_time: Optional[str] = None,
        description: Optional[str] = None,
        egress_permissions: Optional[Sequence[SecurityGroupEgressPermissionArgs]] = None,
        ingress_permissions: Optional[Sequence[SecurityGroupIngressPermissionArgs]] = None,
        project_name: Optional[str] = None,
        security_group_id: Optional[str] = None,
        security_group_name: Optional[str] = None,
        service_managed: Optional[bool] = None,
        status: Optional[str] = None,
        tags: Optional[Sequence[SecurityGroupTagArgs]] = None,
        type: Optional[str] = None,
        vpc_id: Optional[str] = None) -> SecurityGroup

func GetSecurityGroup(ctx *Context, name string, id IDInput, state *SecurityGroupState, opts ...ResourceOption) (*SecurityGroup, error)

public static SecurityGroup Get(string name, Input<string> id, SecurityGroupState? state, CustomResourceOptions? opts = null)

public static SecurityGroup get(String name, Output<String> id, SecurityGroupState state, CustomResourceOptions options)

resources:  _:    type: volcenginecc:vpc:SecurityGroup    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CreationTime string: Security group creation time
Description string: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
EgressPermissions List<Volcengine.SecurityGroupEgressPermission>
IngressPermissions List<Volcengine.SecurityGroupIngressPermission>
ProjectName string: Project name to which the security group belongs. Default project is 'default' if not specified
SecurityGroupId string: Security group ID
SecurityGroupName string: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
ServiceManaged bool: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
Status string: Security group status. Available means available for use, Creating means being created
Tags List<Volcengine.SecurityGroupTag>
Type string: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group
VpcId string: VPC ID to which the security group belongs

CreationTime string: Security group creation time
Description string: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
EgressPermissions []SecurityGroupEgressPermissionArgs
IngressPermissions []SecurityGroupIngressPermissionArgs
ProjectName string: Project name to which the security group belongs. Default project is 'default' if not specified
SecurityGroupId string: Security group ID
SecurityGroupName string: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
ServiceManaged bool: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
Status string: Security group status. Available means available for use, Creating means being created
Tags []SecurityGroupTagArgs
Type string: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group
VpcId string: VPC ID to which the security group belongs

creationTime String: Security group creation time
description String: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egressPermissions List<SecurityGroupEgressPermission>
ingressPermissions List<SecurityGroupIngressPermission>
projectName String: Project name to which the security group belongs. Default project is 'default' if not specified
securityGroupId String: Security group ID
securityGroupName String: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
serviceManaged Boolean: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status String: Security group status. Available means available for use, Creating means being created
tags List<SecurityGroupTag>
type String: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group
vpcId String: VPC ID to which the security group belongs

creationTime string: Security group creation time
description string: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egressPermissions SecurityGroupEgressPermission[]
ingressPermissions SecurityGroupIngressPermission[]
projectName string: Project name to which the security group belongs. Default project is 'default' if not specified
securityGroupId string: Security group ID
securityGroupName string: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
serviceManaged boolean: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status string: Security group status. Available means available for use, Creating means being created
tags SecurityGroupTag[]
type string: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group
vpcId string: VPC ID to which the security group belongs

creation_time str: Security group creation time
description str: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egress_permissions Sequence[SecurityGroupEgressPermissionArgs]
ingress_permissions Sequence[SecurityGroupIngressPermissionArgs]
project_name str: Project name to which the security group belongs. Default project is 'default' if not specified
security_group_id str: Security group ID
security_group_name str: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
service_managed bool: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status str: Security group status. Available means available for use, Creating means being created
tags Sequence[SecurityGroupTagArgs]
type str: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group
vpc_id str: VPC ID to which the security group belongs

creationTime String: Security group creation time
description String: Description of the security group. Length limit: 0–255 characters. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). If not specified, defaults to an empty string
egressPermissions List<Property Map>
ingressPermissions List<Property Map>
projectName String: Project name to which the security group belongs. Default project is 'default' if not specified
securityGroupId String: Security group ID
securityGroupName String: Security group name. Length: 1–128 characters. Must start with a letter, Chinese character, or number. Can include period (.), underscore (_), and hyphen (-). Default is security group ID if not specified
serviceManaged Boolean: Indicates whether the security group is managed. true means managed security group, false means unmanaged security group
status String: Security group status. Available means available for use, Creating means being created
tags List<Property Map>
type String: Security group type. 1. default: default security group. 2. normal: custom security group. 3. VpnGW: VPN gateway security group. 4. NatGW: NAT gateway security group. 5. cidr_only: CIDR-Only security group
vpcId String: VPC ID to which the security group belongs

Supporting Types

SecurityGroupEgressPermission, SecurityGroupEgressPermissionArgs

CidrIp string: IPv4 CIDR or IPv6 CIDR of the source address
Description string: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
Direction string: Security group rule direction. ingress: inbound direction. egress: outbound direction
Policy string: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
PortEnd int: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
PortStart int: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
PrefixListId string: Prefix list ID
Priority int: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
Protocol string: Protocol type. tcp, udp, icmp, icmpv6, all
SourceGroupId string: Source address security group ID. All NIC addresses in this security group are used as source addresses

CidrIp string: IPv4 CIDR or IPv6 CIDR of the source address
Description string: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
Direction string: Security group rule direction. ingress: inbound direction. egress: outbound direction
Policy string: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
PortEnd int: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
PortStart int: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
PrefixListId string: Prefix list ID
Priority int: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
Protocol string: Protocol type. tcp, udp, icmp, icmpv6, all
SourceGroupId string: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidrIp String: IPv4 CIDR or IPv6 CIDR of the source address
description String: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction String: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy String: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
portEnd Integer: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
portStart Integer: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefixListId String: Prefix list ID
priority Integer: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol String: Protocol type. tcp, udp, icmp, icmpv6, all
sourceGroupId String: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidrIp string: IPv4 CIDR or IPv6 CIDR of the source address
description string: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction string: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy string: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
portEnd number: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
portStart number: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefixListId string: Prefix list ID
priority number: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol string: Protocol type. tcp, udp, icmp, icmpv6, all
sourceGroupId string: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidr_ip str: IPv4 CIDR or IPv6 CIDR of the source address
description str: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction str: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy str: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
port_end int: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
port_start int: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefix_list_id str: Prefix list ID
priority int: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol str: Protocol type. tcp, udp, icmp, icmpv6, all
source_group_id str: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidrIp String: IPv4 CIDR or IPv6 CIDR of the source address
description String: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction String: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy String: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
portEnd Number: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
portStart Number: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefixListId String: Prefix list ID
priority Number: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol String: Protocol type. tcp, udp, icmp, icmpv6, all
sourceGroupId String: Source address security group ID. All NIC addresses in this security group are used as source addresses

SecurityGroupIngressPermission, SecurityGroupIngressPermissionArgs

CidrIp string: IPv4 CIDR or IPv6 CIDR of the source address
Description string: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
Direction string: Security group rule direction. ingress: inbound direction. egress: outbound direction
Policy string: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
PortEnd int: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
PortStart int: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
PrefixListId string: Prefix list ID
Priority int: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
Protocol string: Protocol type. tcp, udp, icmp, icmpv6, all
SourceGroupId string: Source address security group ID. All NIC addresses in this security group are used as source addresses

CidrIp string: IPv4 CIDR or IPv6 CIDR of the source address
Description string: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
Direction string: Security group rule direction. ingress: inbound direction. egress: outbound direction
Policy string: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
PortEnd int: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
PortStart int: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
PrefixListId string: Prefix list ID
Priority int: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
Protocol string: Protocol type. tcp, udp, icmp, icmpv6, all
SourceGroupId string: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidrIp String: IPv4 CIDR or IPv6 CIDR of the source address
description String: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction String: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy String: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
portEnd Integer: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
portStart Integer: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefixListId String: Prefix list ID
priority Integer: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol String: Protocol type. tcp, udp, icmp, icmpv6, all
sourceGroupId String: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidrIp string: IPv4 CIDR or IPv6 CIDR of the source address
description string: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction string: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy string: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
portEnd number: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
portStart number: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefixListId string: Prefix list ID
priority number: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol string: Protocol type. tcp, udp, icmp, icmpv6, all
sourceGroupId string: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidr_ip str: IPv4 CIDR or IPv6 CIDR of the source address
description str: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction str: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy str: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
port_end int: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
port_start int: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefix_list_id str: Prefix list ID
priority int: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol str: Protocol type. tcp, udp, icmp, icmpv6, all
source_group_id str: Source address security group ID. All NIC addresses in this security group are used as source addresses

cidrIp String: IPv4 CIDR or IPv6 CIDR of the source address
description String: Description for the security group rule. Must start with a letter, Chinese character, or number. Can include English comma (,), period (.), underscore (_), space ( ), equals sign (=), hyphen (-), Chinese comma (，), and Chinese period (。). Length: 1–255 characters. If not specified, the original configuration is retained
direction String: Security group rule direction. ingress: inbound direction. egress: outbound direction
policy String: Access policy. For resources specified by CidrIp, SourceGroupId, or PrefixListId, refers to the NICs in the security group. Values: accept (allow), drop (deny)
portEnd Number: Port range end value. 1. When Protocol is set to tcp or udp, the valid range is 1–65535. 2. When Protocol is set to icmp, icmpv6, or all, only -1 is supported, indicating no port restriction
portStart Number: Port range start value. 1. When Protocol is tcp or udp, range is 1–65535. 2. When Protocol is icmp, icmpv6, or all, only -1 is supported, meaning no port restriction
prefixListId String: Prefix list ID
priority Number: Security group rule priority. Lower numbers indicate higher priority. Value range: 1–100. Default: 1 if not specified
protocol String: Protocol type. tcp, udp, icmp, icmpv6, all
sourceGroupId String: Source address security group ID. All NIC addresses in this security group are used as source addresses

SecurityGroupTag, SecurityGroupTagArgs

Key string: User tag key
Value string: User tag value

Key string: User tag key
Value string: User tag value

key String: User tag key
value String: User tag value

key string: User tag key
value string: User tag value

key str: User tag key
value str: User tag value

key String: User tag key
value String: User tag value

Import

$ pulumi import volcenginecc:vpc/securityGroup:SecurityGroup example "security_group_id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: volcenginecc volcengine/pulumi-volcenginecc
License: MPL-2.0
Notes: This Pulumi package is based on the volcenginecc Terraform Provider.

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

volcenginecc.vpc.SecurityGroup

On this page

On this page

Example Usage

Create SecurityGroup Resource

Constructor syntax

Parameters

SecurityGroup Resource Properties

Inputs

Outputs

Look up Existing SecurityGroup Resource

Supporting Types

SecurityGroupEgressPermission, SecurityGroupEgressPermissionArgs

SecurityGroupIngressPermission, SecurityGroupIngressPermissionArgs

SecurityGroupTag, SecurityGroupTagArgs

Import

Package Details

On this page

On this page