AWS::EC2::SecurityGroupIngressEC2 SecurityGroupIngress
Resource Type definition for AWS::EC2::SecurityGroupIngress
Properties
12 configurable properties. 1 required. Click a row to see details.
Filter:
| Property | Type | Flags |
|---|---|---|
IpProtocol | string | RequiredCreate-only |
CidrIp | string | Create-only |
CidrIpv6 | string | Create-only |
Description | string | |
FromPort | integer | Create-only |
GroupId | string | Create-only |
GroupName | string | Create-only |
SourcePrefixListId | string | Create-only |
SourceSecurityGroupId | string | Create-only |
SourceSecurityGroupName | string | Create-only |
SourceSecurityGroupOwnerId | string | Create-only |
ToPort | integer | Create-only |
Return Values
Values returned after the resource is created. Access these with Fn::GetAtt.
| Attribute | Type | Description |
|---|---|---|
Id | string | The Security Group Rule Id |
Sample CloudFormation Template
A minimal template with required properties and common optional ones.
template.yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::EC2::SecurityGroupIngress
Resources:
MyResource:
Type: AWS::EC2::SecurityGroupIngress
Properties:
IpProtocol: "value"
Description: !Ref "AWS::StackName"Required IAM Permissions
Permissions CloudFormation needs in your IAM role to manage this resource.
create
ec2:DescribeSecurityGroupRulesec2:AuthorizeSecurityGroupIngressupdate
ec2:UpdateSecurityGroupRuleDescriptionsIngressdelete
ec2:DescribeSecurityGroupRulesec2:RevokeSecurityGroupIngressread
ec2:DescribeSecurityGroupsec2:DescribeSecurityGroupRuleslist
ec2:DescribeSecurityGroupRulesGet the EC2 Cheat Sheet
Everything you need to know about EC2 on one page. HD quality, print-friendly.
Download Free InfographicQuick Facts
ServiceEC2
Properties13
Required1
TaggingNot supported
Primary ID
IdSupported Operations
CreateUpdateDeleteReadList
Immutable After Creation
These properties cannot be changed after the resource is created. Updating them triggers a replacement.
GroupNameIpProtocolSourceSecurityGroupIdSourcePrefixListIdToPortCidrIpSourceSecurityGroupNameSourceSecurityGroupOwnerIdFromPortGroupIdCidrIpv6