
Resource: awsVpcEndpointSecurityGroupAssociation

Provides a resource to create an association between a VPC endpoint and a security group.

~> NOTE on VPC Endpoints and VPC Endpoint Security Group Associations: Terraform provides both a standalone VPC Endpoint Security Group Association (an association between a VPC endpoint and a single securityGroupId) and a VPC Endpoint resource with a securityGroupIds attribute. Do not use the same security group ID in both a VPC Endpoint resource and a VPC Endpoint Security Group Association resource. Doing so will cause a conflict of associations and will overwrite the association.

Example Usage

Basic usage:

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.vpcEndpointSecurityGroupAssociation.VpcEndpointSecurityGroupAssociation(
  this,
  "sg_ec2",
  {
    securityGroupId: "${aws_security_group.sg.id}",
    vpcEndpointId: "${aws_vpc_endpoint.ec2.id}",
  }
);

Argument Reference

The following arguments are supported:

  • securityGroupId - (Required) The ID of the security group to be associated with the VPC endpoint.
  • vpcEndpointId - (Required) The ID of the VPC endpoint with which the security group will be associated.
  • replaceDefaultAssociation - (Optional) Whether this association should replace the association with the VPC's default security group that is created when no security groups are specified during VPC endpoint creation. At most 1 association per VPC endpoint should be configured with replaceDefaultAssociation = true.
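
The two constraints stated above (a security group must not appear both in a VPC endpoint's securityGroupIds and in a standalone association, and at most one association per endpoint may set replaceDefaultAssociation) can be checked against the configuration before it is applied. The following is an added example, not part of the provider documentation; it assumes the `resource` object of the synthesized Terraform JSON configuration as input, and the function name, type names and sample data are constructed for illustration.

```typescript
// Added example. Input is the "resource" object of Terraform JSON configuration
// (the layout of cdk.tf.json). Values are compared as written, so two different
// expressions that resolve to the same ID are not detected.
type ResourceBlock = Record<string, Record<string, Record<string, unknown>>>;
type Finding = { rule: "sg-in-both" | "multiple-replace-default"; vpcEndpoint: string; detail: string };

function checkEndpointSgAssociations(resource: ResourceBlock): Finding[] {
  const findings: Finding[] = [];
  // Inline security_group_ids per endpoint, keyed by the reference an
  // association would use for that endpoint: ${aws_vpc_endpoint.<name>.id}
  const inline = new Map<string, Set<unknown>>();
  for (const [name, cfg] of Object.entries(resource["aws_vpc_endpoint"] ?? {})) {
    const raw = cfg["security_group_ids"];
    inline.set("${aws_vpc_endpoint." + name + ".id}", new Set(Array.isArray(raw) ? raw : []));
  }
  const replacing = new Map<string, string[]>(); // endpoint -> associations with the flag set
  const assocs = resource["aws_vpc_endpoint_security_group_association"] ?? {};
  for (const [name, cfg] of Object.entries(assocs)) {
    const ep = String(cfg["vpc_endpoint_id"]);
    const sg = String(cfg["security_group_id"]);
    if (inline.get(ep)?.has(sg)) {
      findings.push({ rule: "sg-in-both", vpcEndpoint: ep,
        detail: `${sg} is in security_group_ids and in association ${name}` });
    }
    if (cfg["replace_default_association"] === true) {
      replacing.set(ep, [...(replacing.get(ep) ?? []), name]);
    }
  }
  replacing.forEach((names, ep) => {
    if (names.length > 1) {
      findings.push({ rule: "multiple-replace-default", vpcEndpoint: ep,
        detail: `replace_default_association = true on ${names.join(", ")}` });
    }
  });
  return findings;
}

// Constructed sample configuration (resource names are hypothetical).
const sampleResource: ResourceBlock = {
  aws_vpc_endpoint: {
    ec2: { security_group_ids: ["${aws_security_group.sg.id}"] },
    s3: {},
  },
  aws_vpc_endpoint_security_group_association: {
    sg_ec2: { vpc_endpoint_id: "${aws_vpc_endpoint.ec2.id}", security_group_id: "${aws_security_group.sg.id}" },
    s3_a: { vpc_endpoint_id: "${aws_vpc_endpoint.s3.id}", security_group_id: "${aws_security_group.a.id}", replace_default_association: true },
    s3_b: { vpc_endpoint_id: "${aws_vpc_endpoint.s3.id}", security_group_id: "${aws_security_group.b.id}", replace_default_association: true },
  },
};
console.log(checkEndpointSgAssociations(sampleResource));
```

The check reads configuration rather than state because, after an apply, the endpoint's own list of security groups in state also contains groups attached through standalone associations.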

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The ID of the association.