Welcome to Pulumi Registry, your window into the cloud. Read the announcement.

Yandex

v0.10.0 published on Thursday, Nov 18, 2021 by Pulumi

VpcSecurityGroup

Manages a Security Group within the Yandex.Cloud. For more information, see the official documentation.

Example Usage

using Pulumi;
using Yandex = Pulumi.Yandex;

class MyStack : Stack
{
    public MyStack()
    {
        var lab_net = new Yandex.VpcNetwork("lab-net", new Yandex.VpcNetworkArgs
        {
        });
        var group1 = new Yandex.VpcSecurityGroup("group1", new Yandex.VpcSecurityGroupArgs
        {
            Description = "description for my security group",
            Egresses = 
            {
                new Yandex.Inputs.VpcSecurityGroupEgressArgs
                {
                    Description = "rule2 description",
                    FromPort = 8090,
                    Protocol = "ANY",
                    ToPort = 8099,
                    V4CidrBlocks = 
                    {
                        "10.0.1.0/24",
                        "10.0.2.0/24",
                    },
                },
                new Yandex.Inputs.VpcSecurityGroupEgressArgs
                {
                    Description = "rule3 description",
                    FromPort = 8090,
                    Protocol = "UDP",
                    ToPort = 8099,
                    V4CidrBlocks = 
                    {
                        "10.0.1.0/24",
                    },
                },
            },
            Ingresses = 
            {
                new Yandex.Inputs.VpcSecurityGroupIngressArgs
                {
                    Description = "rule1 description",
                    Port = 8080,
                    Protocol = "TCP",
                    V4CidrBlocks = 
                    {
                        "10.0.1.0/24",
                        "10.0.2.0/24",
                    },
                },
            },
            Labels = 
            {
                { "my-label", "my-label-value" },
            },
            NetworkId = lab_net.Id,
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-yandex/sdk/go/yandex"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := yandex.NewVpcNetwork(ctx, "lab_net", nil)
		if err != nil {
			return err
		}
		_, err = yandex.NewVpcSecurityGroup(ctx, "group1", &yandex.VpcSecurityGroupArgs{
			Description: pulumi.String("description for my security group"),
			Egresses: VpcSecurityGroupEgressArray{
				&VpcSecurityGroupEgressArgs{
					Description: pulumi.String("rule2 description"),
					FromPort:    pulumi.Int(8090),
					Protocol:    pulumi.String("ANY"),
					ToPort:      pulumi.Int(8099),
					V4CidrBlocks: pulumi.StringArray{
						pulumi.String("10.0.1.0/24"),
						pulumi.String("10.0.2.0/24"),
					},
				},
				&VpcSecurityGroupEgressArgs{
					Description: pulumi.String("rule3 description"),
					FromPort:    pulumi.Int(8090),
					Protocol:    pulumi.String("UDP"),
					ToPort:      pulumi.Int(8099),
					V4CidrBlocks: pulumi.StringArray{
						pulumi.String("10.0.1.0/24"),
					},
				},
			},
			Ingresses: VpcSecurityGroupIngressArray{
				&VpcSecurityGroupIngressArgs{
					Description: pulumi.String("rule1 description"),
					Port:        pulumi.Int(8080),
					Protocol:    pulumi.String("TCP"),
					V4CidrBlocks: pulumi.StringArray{
						pulumi.String("10.0.1.0/24"),
						pulumi.String("10.0.2.0/24"),
					},
				},
			},
			Labels: pulumi.StringMap{
				"my-label": pulumi.String("my-label-value"),
			},
			NetworkId: lab_net.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
import pulumi
import pulumi_yandex as yandex

lab_net = yandex.VpcNetwork("lab-net")
group1 = yandex.VpcSecurityGroup("group1",
    description="description for my security group",
    egresses=[
        yandex.VpcSecurityGroupEgressArgs(
            description="rule2 description",
            from_port=8090,
            protocol="ANY",
            to_port=8099,
            v4_cidr_blocks=[
                "10.0.1.0/24",
                "10.0.2.0/24",
            ],
        ),
        yandex.VpcSecurityGroupEgressArgs(
            description="rule3 description",
            from_port=8090,
            protocol="UDP",
            to_port=8099,
            v4_cidr_blocks=["10.0.1.0/24"],
        ),
    ],
    ingresses=[yandex.VpcSecurityGroupIngressArgs(
        description="rule1 description",
        port=8080,
        protocol="TCP",
        v4_cidr_blocks=[
            "10.0.1.0/24",
            "10.0.2.0/24",
        ],
    )],
    labels={
        "my-label": "my-label-value",
    },
    network_id=lab_net.id)
import * as pulumi from "@pulumi/pulumi";
import * as yandex from "@pulumi/yandex";

const lab_net = new yandex.VpcNetwork("lab-net", {});
const group1 = new yandex.VpcSecurityGroup("group1", {
    description: "description for my security group",
    egresses: [
        {
            description: "rule2 description",
            fromPort: 8090,
            protocol: "ANY",
            toPort: 8099,
            v4CidrBlocks: [
                "10.0.1.0/24",
                "10.0.2.0/24",
            ],
        },
        {
            description: "rule3 description",
            fromPort: 8090,
            protocol: "UDP",
            toPort: 8099,
            v4CidrBlocks: ["10.0.1.0/24"],
        },
    ],
    ingresses: [{
        description: "rule1 description",
        port: 8080,
        protocol: "TCP",
        v4CidrBlocks: [
            "10.0.1.0/24",
            "10.0.2.0/24",
        ],
    }],
    labels: {
        "my-label": "my-label-value",
    },
    networkId: lab_net.id,
});

Create a VpcSecurityGroup Resource

new VpcSecurityGroup(name: string, args: VpcSecurityGroupArgs, opts?: CustomResourceOptions);
@overload
def VpcSecurityGroup(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     description: Optional[str] = None,
                     egresses: Optional[Sequence[VpcSecurityGroupEgressArgs]] = None,
                     folder_id: Optional[str] = None,
                     ingresses: Optional[Sequence[VpcSecurityGroupIngressArgs]] = None,
                     labels: Optional[Mapping[str, str]] = None,
                     name: Optional[str] = None,
                     network_id: Optional[str] = None)
@overload
def VpcSecurityGroup(resource_name: str,
                     args: VpcSecurityGroupArgs,
                     opts: Optional[ResourceOptions] = None)
func NewVpcSecurityGroup(ctx *Context, name string, args VpcSecurityGroupArgs, opts ...ResourceOption) (*VpcSecurityGroup, error)
public VpcSecurityGroup(string name, VpcSecurityGroupArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args VpcSecurityGroupArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args VpcSecurityGroupArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args VpcSecurityGroupArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args VpcSecurityGroupArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

VpcSecurityGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The VpcSecurityGroup resource accepts the following input properties:

NetworkId string
ID of the network this security group belongs to.
Description string
Description of the security group.
Egresses List<VpcSecurityGroupEgressArgs>
A list of egress rules. The structure is documented below.
FolderId string
ID of the folder this security group belongs to.
Ingresses List<VpcSecurityGroupIngressArgs>
A list of ingress rules.
Labels Dictionary<string, string>
Labels to assign to this security group.
Name string
Name of the security group.
NetworkId string
ID of the network this security group belongs to.
Description string
Description of the security group.
Egresses []VpcSecurityGroupEgressArgs
A list of egress rules. The structure is documented below.
FolderId string
ID of the folder this security group belongs to.
Ingresses []VpcSecurityGroupIngressArgs
A list of ingress rules.
Labels map[string]string
Labels to assign to this security group.
Name string
Name of the security group.
networkId string
ID of the network this security group belongs to.
description string
Description of the security group.
egresses VpcSecurityGroupEgressArgs[]
A list of egress rules. The structure is documented below.
folderId string
ID of the folder this security group belongs to.
ingresses VpcSecurityGroupIngressArgs[]
A list of ingress rules.
labels {[key: string]: string}
Labels to assign to this security group.
name string
Name of the security group.
network_id str
ID of the network this security group belongs to.
description str
Description of the security group.
egresses Sequence[VpcSecurityGroupEgressArgs]
A list of egress rules. The structure is documented below.
folder_id str
ID of the folder this security group belongs to.
ingresses Sequence[VpcSecurityGroupIngressArgs]
A list of ingress rules.
labels Mapping[str, str]
Labels to assign to this security group.
name str
Name of the security group.

Outputs

All input properties are implicitly available as output properties. Additionally, the VpcSecurityGroup resource produces the following output properties:

CreatedAt string
Creation timestamp of this security group.
Id string
The provider-assigned unique ID for this managed resource.
Status string
Status of this security group.
CreatedAt string
Creation timestamp of this security group.
Id string
The provider-assigned unique ID for this managed resource.
Status string
Status of this security group.
createdAt string
Creation timestamp of this security group.
id string
The provider-assigned unique ID for this managed resource.
status string
Status of this security group.
created_at str
Creation timestamp of this security group.
id str
The provider-assigned unique ID for this managed resource.
status str
Status of this security group.

Look up an Existing VpcSecurityGroup Resource

Get an existing VpcSecurityGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VpcSecurityGroupState, opts?: CustomResourceOptions): VpcSecurityGroup
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        created_at: Optional[str] = None,
        description: Optional[str] = None,
        egresses: Optional[Sequence[VpcSecurityGroupEgressArgs]] = None,
        folder_id: Optional[str] = None,
        ingresses: Optional[Sequence[VpcSecurityGroupIngressArgs]] = None,
        labels: Optional[Mapping[str, str]] = None,
        name: Optional[str] = None,
        network_id: Optional[str] = None,
        status: Optional[str] = None) -> VpcSecurityGroup
func GetVpcSecurityGroup(ctx *Context, name string, id IDInput, state *VpcSecurityGroupState, opts ...ResourceOption) (*VpcSecurityGroup, error)
public static VpcSecurityGroup Get(string name, Input<string> id, VpcSecurityGroupState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

CreatedAt string
Creation timestamp of this security group.
Description string
Description of the security group.
Egresses List<VpcSecurityGroupEgressArgs>
A list of egress rules. The structure is documented below.
FolderId string
ID of the folder this security group belongs to.
Ingresses List<VpcSecurityGroupIngressArgs>
A list of ingress rules.
Labels Dictionary<string, string>
Labels to assign to this security group.
Name string
Name of the security group.
NetworkId string
ID of the network this security group belongs to.
Status string
Status of this security group.
CreatedAt string
Creation timestamp of this security group.
Description string
Description of the security group.
Egresses []VpcSecurityGroupEgressArgs
A list of egress rules. The structure is documented below.
FolderId string
ID of the folder this security group belongs to.
Ingresses []VpcSecurityGroupIngressArgs
A list of ingress rules.
Labels map[string]string
Labels to assign to this security group.
Name string
Name of the security group.
NetworkId string
ID of the network this security group belongs to.
Status string
Status of this security group.
createdAt string
Creation timestamp of this security group.
description string
Description of the security group.
egresses VpcSecurityGroupEgressArgs[]
A list of egress rules. The structure is documented below.
folderId string
ID of the folder this security group belongs to.
ingresses VpcSecurityGroupIngressArgs[]
A list of ingress rules.
labels {[key: string]: string}
Labels to assign to this security group.
name string
Name of the security group.
networkId string
ID of the network this security group belongs to.
status string
Status of this security group.
created_at str
Creation timestamp of this security group.
description str
Description of the security group.
egresses Sequence[VpcSecurityGroupEgressArgs]
A list of egress rules. The structure is documented below.
folder_id str
ID of the folder this security group belongs to.
ingresses Sequence[VpcSecurityGroupIngressArgs]
A list of ingress rules.
labels Mapping[str, str]
Labels to assign to this security group.
name str
Name of the security group.
network_id str
ID of the network this security group belongs to.
status str
Status of this security group.

Supporting Types

VpcSecurityGroupEgress

Protocol string
Description string
Description of the security group.
FromPort int
Id string
Id of the rule.
Labels Dictionary<string, string>
Labels to assign to this security group.
Port int
PredefinedTarget string
SecurityGroupId string
ToPort int
V4CidrBlocks List<string>
V6CidrBlocks List<string>
Protocol string
Description string
Description of the security group.
FromPort int
Id string
Id of the rule.
Labels map[string]string
Labels to assign to this security group.
Port int
PredefinedTarget string
SecurityGroupId string
ToPort int
V4CidrBlocks []string
V6CidrBlocks []string
protocol string
description string
Description of the security group.
fromPort number
id string
Id of the rule.
labels {[key: string]: string}
Labels to assign to this security group.
port number
predefinedTarget string
securityGroupId string
toPort number
v4CidrBlocks string[]
v6CidrBlocks string[]
protocol str
description str
Description of the security group.
from_port int
id str
Id of the rule.
labels Mapping[str, str]
Labels to assign to this security group.
port int
predefined_target str
security_group_id str
to_port int
v4_cidr_blocks Sequence[str]
v6_cidr_blocks Sequence[str]

VpcSecurityGroupIngress

Protocol string
Description string
Description of the security group.
FromPort int
Id string
Id of the rule.
Labels Dictionary<string, string>
Labels to assign to this security group.
Port int
PredefinedTarget string
SecurityGroupId string
ToPort int
V4CidrBlocks List<string>
V6CidrBlocks List<string>
Protocol string
Description string
Description of the security group.
FromPort int
Id string
Id of the rule.
Labels map[string]string
Labels to assign to this security group.
Port int
PredefinedTarget string
SecurityGroupId string
ToPort int
V4CidrBlocks []string
V6CidrBlocks []string
protocol string
description string
Description of the security group.
fromPort number
id string
Id of the rule.
labels {[key: string]: string}
Labels to assign to this security group.
port number
predefinedTarget string
securityGroupId string
toPort number
v4CidrBlocks string[]
v6CidrBlocks string[]
protocol str
description str
Description of the security group.
from_port int
id str
Id of the rule.
labels Mapping[str, str]
Labels to assign to this security group.
port int
predefined_target str
security_group_id str
to_port int
v4_cidr_blocks Sequence[str]
v6_cidr_blocks Sequence[str]

Package Details

Repository
https://github.com/pulumi/pulumi-yandex
License
Apache-2.0
Notes
This Pulumi package is based on the yandex Terraform Provider.