Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add security group examples #799

Closed
cremich opened this issue Sep 27, 2018 · 7 comments
Closed

Add security group examples #799

cremich opened this issue Sep 27, 2018 · 7 comments

Comments

@cremich
Copy link

cremich commented Sep 27, 2018

It would be great do find some examples how to create new security groups with ingress and egress rules. Currently its hard to find some hints how to provide the parameters for addIngressRule of a newly created securitygroup.

Here a short typescript sample that creates a new vpc, a security-group and an ec2-instance. Maybe it is helpul:

    const vpc = new ec2.VpcNetwork(this, 'NewVPC');

    let mySecurityGroup = new ec2.SecurityGroup(this, 'NewSecurityGroup', {
      description: 'Allow ssh access to ec2 instances',
      groupName: 'ec2-ssh-access',
      vpc: vpc
    });
    mySecurityGroup.addIngressRule(new ec2.AnyIPv4(), new ec2.TcpPort(22), 'allow ssh access from any ipv4 ip');

    new ec2.cloudformation.InstanceResource(this, 'Ec2Instance', {
        imageId: ' ami-0f5dbc86dd9cbf7a8',
        securityGroupIds: [ mySecurityGroup.securityGroupId],
        instanceType: 't2.micro',
        tags: [{
          key: 'Name',
          value: 'my-new-ec2-instance'
        }]
    });
@rix0rrr
Copy link
Contributor

rix0rrr commented Sep 28, 2018

Your problem is caused by the fact that we don't have an abstraction for EC2::Instance yet.

Normally, constructs with SecurityGroups have a .connections member, and you'll manipulate their rules like this:

instance.connections.allowFromAnywhere(new ec2.TcpPort(22));

But yes, unfortunately we don't have an L2 for Instance yet, only for AutoScalingGroup.

@rix0rrr
Copy link
Contributor

rix0rrr commented Sep 28, 2018

It might bear mentioning in the docs anyway.

rix0rrr added a commit that referenced this issue Sep 28, 2018
@rix0rrr
docs(aws-ec2): Explain Security Groups better
cf5f9c7 
Explain how to add rules to Security Groups, and rewrite the 
section on the Connections object a bit.

Fixes #799.
@rix0rrr rix0rrr mentioned this issue Sep 28, 2018
Closed
@Doug-AWS Doug-AWS changed the title Extend documentation with some secuity group examples Add security group examples Oct 1, 2018
@Doug-AWS
Copy link
Contributor

Are we talking about the guide or the reference? Please add the appropriate tag.

@ghost
Copy link

ghost commented Aug 7, 2019

Is this something we still need? If so, I'll add it to the CDK Guide project.

@eladb
Copy link
Contributor

eladb commented Aug 8, 2019

No need

@eladb eladb closed this as completed Aug 8, 2019
@eladb
Copy link
Contributor

eladb commented Aug 8, 2019

You know what? Maybe take a look at the ec2 readme file and see if there’s something to be added

@eladb eladb reopened this Aug 8, 2019
@ghost ghost self-assigned this Aug 13, 2019
@ghost
Copy link

ghost commented Aug 15, 2019

This seems to be covered by this one over in the CDK Guide repo. I'll link that back here for context. awsdocs/aws-cdk-guide#59

@ghost ghost mentioned this issue Aug 15, 2019
Open
@ghost ghost closed this as completed Aug 15, 2019
This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs(aws-ec2): Explain Security Groups better aws/aws-cdk
4 participants
@rix0rrr @eladb @cremich @Doug-AWS