Skip to content

Resource: awsDbSecurityGroup

Provides an RDS security group resource. This is only for DB instances in the EC2-Classic Platform. For instances inside a VPC, use the awsDbInstanceVpcSecurityGroupIds attribute instead.

!> WARNING: With the retirement of EC2-Classic the awsDbSecurityGroup resource has been deprecated and will be removed in a future version. Any existing resources can be removed from Terraform state using the terraformStateRm command.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dbSecurityGroup.DbSecurityGroup(this, "default", {
  ingress: [
    {
      cidr: "10.0.0.0/24",
    },
  ],
  name: "rds_sg",
});

Argument Reference

The following arguments are supported:

  • name - (Required) The name of the DB security group.
  • description - (Optional) The description of the DB security group. Defaults to "Managed by Terraform".
  • ingress - (Required) A list of ingress rules.
  • tags - (Optional) A map of tags to assign to the resource. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Ingress blocks support the following:

  • cidr - The CIDR block to accept
  • securityGroupName - The name of the security group to authorize
  • securityGroupId - The ID of the security group to authorize
  • securityGroupOwnerId - The owner Id of the security group provided by securityGroupName.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The db security group ID.
  • arn - The arn of the DB security group.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Import

DB Security groups can be imported using the name, e.g.,

$ terraform import aws_db_security_group.default aws_rds_sg-1