SecurityGroupProps
- class aws_cdk.aws_ec2.SecurityGroupProps(*, vpc, allow_all_outbound=None, description=None, disable_inline_rules=None, security_group_name=None)
Bases:
object
- Parameters:
vpc (
IVpc
) – The VPC in which to create the security group.allow_all_outbound (
Optional
[bool
]) – Whether to allow all outbound traffic by default. If this is set to true, there will only be a single egress rule which allows all outbound traffic. If this is set to false, no outbound traffic will be allowed by default and all egress traffic must be explicitly authorized. Default: truedescription (
Optional
[str
]) – A description of the security group. Default: The default name will be the construct’s CDK path.disable_inline_rules (
Optional
[bool
]) – Whether to disable inline ingress and egress rule optimization. If this is set to true, ingress and egress rules will not be declared under the SecurityGroup in cloudformation, but will be separate elements. Inlining rules is an optimization for producing smaller stack templates. Sometimes this is not desirable, for example when security group access is managed via tags. The default value can be overriden globally by setting the context variable ‘@aws-cdk/aws-ec2.securityGroupDisableInlineRules’. Default: falsesecurity_group_name (
Optional
[str
]) – The name of the security group. For valid values, see the GroupName parameter of the CreateSecurityGroup action in the Amazon EC2 API Reference. It is not recommended to use an explicit group name. Default: If you don’t specify a GroupName, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.
- ExampleMetadata:
infused
Example:
# vpc: ec2.Vpc security_group1 = ec2.SecurityGroup(self, "SecurityGroup1", vpc=vpc) lb = elbv2.ApplicationLoadBalancer(self, "LB", vpc=vpc, internet_facing=True, security_group=security_group1 ) security_group2 = ec2.SecurityGroup(self, "SecurityGroup2", vpc=vpc) lb.add_security_group(security_group2)
Attributes
- allow_all_outbound
Whether to allow all outbound traffic by default.
If this is set to true, there will only be a single egress rule which allows all outbound traffic. If this is set to false, no outbound traffic will be allowed by default and all egress traffic must be explicitly authorized.
- Default:
true
- description
A description of the security group.
- Default:
The default name will be the construct’s CDK path.
- disable_inline_rules
Whether to disable inline ingress and egress rule optimization.
If this is set to true, ingress and egress rules will not be declared under the SecurityGroup in cloudformation, but will be separate elements.
Inlining rules is an optimization for producing smaller stack templates. Sometimes this is not desirable, for example when security group access is managed via tags.
The default value can be overriden globally by setting the context variable ‘@aws-cdk/aws-ec2.securityGroupDisableInlineRules’.
- Default:
false
- security_group_name
The name of the security group.
For valid values, see the GroupName parameter of the CreateSecurityGroup action in the Amazon EC2 API Reference.
It is not recommended to use an explicit group name.
- Default:
If you don’t specify a GroupName, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.
- vpc
The VPC in which to create the security group.