Add Ingress Rule to Security Groups using AWS CDK
I'm trying to add an ingress rule to a Security Group via the AWS CDK using Python. As per the documentation here - there's a method add_ingress_rule() on the Class aws_cdk.aws_ec2.
However - when I try to deploy the stack, I get the following error :
AttributeError: 'method' object has no attribute 'jsii__type' Subprocess exited with error 1
Security Group Code snippet below-
sg_elb = ec2.SecurityGroup(
self,
id = "sg_elb",
vpc = vpc,
security_group_name = "sg_elb"
)
sg_elb.add_ingress_rule(
peer = ec2.Peer.any_ipv4,
connection = ec2.Port.tcp(443) # This line seems to be a problem.
)
There's even the same example (in TypeScript) given on the official documentation here so I'm not sure what I'm doing wrong.
Can anyone advise ?
Thanks in advance !
Answer
I got the following to work using TS, hope it helps some.
const mySG = new ec2.SecurityGroup(this, `${stack}-security-group`, {
vpc: vpc,
allowAllOutbound: true,
description: 'CDK Security Group'
});
mySG.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(22), 'SSH frm anywhere');
mySG.addIngressRule(ec2.Peer.ipv4('10.200.0.0/24'), ec2.Port.tcp(5439), 'Redshift Ingress1');
mySG.addIngressRule(ec2.Peer.ipv4('10.0.0.0/24'), ec2.Port.tcp(5439), 'Redshift Ingress2');
Btw, it is not recommended to use an explicit security group name: https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-ec2.SecurityGroup.html