Class SecurityGroupProps

Inheritance
object
SecurityGroupProps
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.EC2
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class SecurityGroupProps : ISecurityGroupProps
Syntax (vb)
Public Class SecurityGroupProps Implements ISecurityGroupProps
Remarks

ExampleMetadata: infused

Examples
var vpc = new Vpc(this, "Vpc", new VpcProps { MaxAzs = 1 });
            var cluster = new Cluster(this, "EcsCluster", new ClusterProps { Vpc = vpc });
            var securityGroup = new SecurityGroup(this, "SG", new SecurityGroupProps { Vpc = vpc });

            var scheduledFargateTask = new ScheduledFargateTask(this, "ScheduledFargateTask", new ScheduledFargateTaskProps {
                Cluster = cluster,
                ScheduledFargateTaskImageOptions = new ScheduledFargateTaskImageOptions {
                    Image = ContainerImage.FromRegistry("amazon/amazon-ecs-sample"),
                    MemoryLimitMiB = 512
                },
                Schedule = Schedule.Expression("rate(1 minute)"),
                SecurityGroups = new [] { securityGroup }
            });

Synopsis

Constructors

SecurityGroupProps()

Properties

AllowAllIpv6Outbound

Whether to allow all outbound ipv6 traffic by default.
AllowAllOutbound

Whether to allow all outbound traffic by default.
Description

A description of the security group.
DisableInlineRules

Whether to disable inline ingress and egress rule optimization.
SecurityGroupName

The name of the security group.
Vpc

The VPC in which to create the security group.

Constructors

SecurityGroupProps()

public SecurityGroupProps()
Remarks

ExampleMetadata: infused

Examples
var vpc = new Vpc(this, "Vpc", new VpcProps { MaxAzs = 1 });
            var cluster = new Cluster(this, "EcsCluster", new ClusterProps { Vpc = vpc });
            var securityGroup = new SecurityGroup(this, "SG", new SecurityGroupProps { Vpc = vpc });

            var scheduledFargateTask = new ScheduledFargateTask(this, "ScheduledFargateTask", new ScheduledFargateTaskProps {
                Cluster = cluster,
                ScheduledFargateTaskImageOptions = new ScheduledFargateTaskImageOptions {
                    Image = ContainerImage.FromRegistry("amazon/amazon-ecs-sample"),
                    MemoryLimitMiB = 512
                },
                Schedule = Schedule.Expression("rate(1 minute)"),
                SecurityGroups = new [] { securityGroup }
            });

Properties

AllowAllIpv6Outbound

Whether to allow all outbound ipv6 traffic by default.

public bool? AllowAllIpv6Outbound { get; set; }
Property Value

bool?

Remarks

If this is set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If this is set to false, no outbound traffic will be allowed by default and all egress ipv6 traffic must be explicitly authorized.

To allow all ipv4 traffic use allowAllOutbound

Default: false

AllowAllOutbound

Whether to allow all outbound traffic by default.

public bool? AllowAllOutbound { get; set; }
Property Value

bool?

Remarks

If this is set to true, there will only be a single egress rule which allows all outbound traffic. If this is set to false, no outbound traffic will be allowed by default and all egress traffic must be explicitly authorized.

To allow all ipv6 traffic use allowAllIpv6Outbound

Default: true

Description

A description of the security group.

public string? Description { get; set; }
Property Value

string

Remarks

Default: The default name will be the construct's CDK path.

DisableInlineRules

Whether to disable inline ingress and egress rule optimization.

public bool? DisableInlineRules { get; set; }
Property Value

bool?

Remarks

If this is set to true, ingress and egress rules will not be declared under the SecurityGroup in cloudformation, but will be separate elements.

Inlining rules is an optimization for producing smaller stack templates. Sometimes this is not desirable, for example when security group access is managed via tags.

The default value can be overridden globally by setting the context variable '@aws-cdk/aws-ec2.securityGroupDisableInlineRules'.

Default: false

SecurityGroupName

The name of the security group.

public string? SecurityGroupName { get; set; }
Property Value

string

Remarks

For valid values, see the GroupName parameter of the CreateSecurityGroup action in the Amazon EC2 API Reference.

It is not recommended to use an explicit group name.

Default: If you don't specify a GroupName, AWS CloudFormation generates a unique physical ID and uses that ID for the group name.

Vpc

The VPC in which to create the security group.

public IVpc Vpc { get; set; }
Property Value

IVpc

Remarks

ExampleMetadata: infused

Implements