smallbirds

Reputation: 1067

How to add security group to VPC Endpoint in CDK (AWS)

I have an existing VPC endpoint on my AWS account. When I deploy my CDK stack I need to somehow add a security group to that VPC endpoint for my server to be able to talk to a Redshift cluster on another network.

I define my security group like this:

    const securityGroup = new ec2.SecurityGroup(this, "SecurityGroup", {
        vpc,
        allowAllOutbound: true,
    });

How can I add that security group to the VPC endpoint? I know the endpoint ID but somehow can't figure out how to do this. I have tried to get the VPC endpoint by ID and played around with security groups.

Upvotes: 3

Views: 2856

Answers (2)

yaach

Reputation: 462

This is how I did it using the AWS Console:

  • Login to console
  • Go to the list of Endpoints (Virtual private cloud > Endpoints)
  • Select and click on your endpoint (very important)
  • On the top right, select 'Managed security groups' from the Actions dropdown.
  • This will bring up a list of SGs, where you will be able to select the ones you want to attach to your endpoint
  • Click 'Modify security groups'

Hope that helps!

Upvotes: 0

Coin Graham

Reputation: 1584

You'll want to use ec2.InterfaceVpcEndpoint, which creates a new Vpc Endpoint and allows you to add security group ids. Borrowing from here it might look like this:

    from aws_cdk import aws_ec2 as ec2

    # `securityGroup` is the group defined in the question; `self.vpc` is the stack's VPC.
    ec2.InterfaceVpcEndpoint(
        self,
        "VPCe - Redshift",
        service=ec2.InterfaceVpcEndpointService("redshift.amazonaws.com"),
        private_dns_enabled=True,
        vpc=self.vpc,
        security_groups=[securityGroup],
    )

Upvotes: 3
