accessKeyId
The AWS Access Key ID.
type
string
default
{
accessKeyId = "";
}
description
Informational description of the security group.
type
string
default
{
description = "NixOps-provisioned group {name}";
}
groupId
The security group ID. This is set by NixOps.
type
null or string
default
{
groupId = null;
}
name
Name of the security group.
type
string
default
{
name = "charon-{uuid}-{name}";
}
region
AWS region.
type
string
rules
The security group's rules.
type
list of submodule
default
{
rules = {};
}
rules.*.codeNumber
ICMP code number (ICMP only, -1 for all).
type
null or signed integer
default
{
rules.*.codeNumber = null;
}
rules.*.fromPort
The bottom of the allowed port range for this rule (TCP/UDP only).
type
null or signed integer
default
{
rules.*.fromPort = null;
}
rules.*.protocol
The protocol (tcp, udp, or icmp) that this rule describes. Use "-1" to specify all protocols.
type
string
default
{
rules.*.protocol = "tcp";
}
rules.*.sourceGroup.groupName
The name of the source security group. Set this when the rule should allow access from all instances in that group instead of from an IP range.
type
null or string
default
{
rules.*.sourceGroup.groupName = null;
}
rules.*.sourceGroup.ownerId
The AWS account ID that owns the source security group.
type
null or string
default
{
rules.*.sourceGroup.ownerId = null;
}
rules.*.sourceIp
The source IP range (CIDR notation).
Can also be a reference to an Elastic IP resource, in which case the address is suffixed with /32 (a CIDR range covering that single address).
type
null or string or resource of type ‘elastic-ip’
default
{
rules.*.sourceIp = null;
}
rules.*.toPort
The top of the allowed port range for this rule (TCP/UDP only).
type
null or signed integer
default
{
rules.*.toPort = null;
}
rules.*.typeNumber
ICMP type number (ICMP only, -1 for all).
type
null or signed integer
default
{
rules.*.typeNumber = null;
}
vpcId
The ID of the VPC in which to create the security group. By default this is not set: EC2-VPC accounts use the default VPC, and in EC2-Classic accounts no VPC is set.
type
null or string or resource of type ‘vpc’
default
{
vpcId = null;
}