This is the preferred interface for making Security Groups with Fugue. The new function is the right place to start.

Module Members



Create a reference to an externally managed security group.

Example usage:

sg: EC2.SecurityGroup.external("sg-1234abcd", AWS.Us-east-1)

Type Signature

 fun (String, Region) -> SecurityGroup
Argument: securityGroupId

The ID of the target security group. Must be of the form “sg-” followed by 8 characters from a-z and 0-9.

Type: String

Argument: region

The region containing the target security group.

Type: Region


A reference to the specified security group.

Type: SecurityGroup



new Security Group (Constructor)

Call this constructor to create a new Fugue.AWS.EC2.SecurityGroup value.

Type Signature

 fun (SecurityGroupSpec) -> SecurityGroup
Argument: spec

A SecurityGroupSpec record.

Type: SecurityGroupSpec


A Fugue.Core.AWS.EC2.SecurityGroup record.

Example usage:

application-sg: EC2.SecurityGroup.new {
  description: "Allow http/s traffic from the Internet",
  ipPermissions: [
  vpc: production-vpc

Type: SecurityGroup



Retrieve the region from a SecurityGroup value.

Works for SecurityGroups defined in the composition as well external values.

Example usage:

sg1: EC2.SecurityGroup.new {
  vpc: EC2.Vpc.new {
    region: AWS.Us-west-2,
    cidrBlock: "",
  description: "sg1",
region1: EC2.SecurityGroup.region(sg1) # => AWS.Us-west-2

sg2: EC2.SecurityGroup.external("sg-1234567", AWS.Us-east-1)
region2: EC2.SecurityGroup.region(sg2) # => AWS.Us-east-1

Type Signature

 fun (SecurityGroup) -> Region
Argument: securityGroup

The SecurityGroup from which to get the region.

Type: SecurityGroup


The region containing the security group.

Type: Region



type SecurityGroupSpec:
  description: String
  ipPermissions: Optional<List<IpPermission>>
  ipPermissionsEgress: Optional<List<IpPermission>>
  vpc: Vpc
  tags: Optional<List<Tag>>

Security Group Specification (Resource)

This type of value is used to specify a security group for the SecurityGroup constructor, EC2.SecurityGroup. new(). Use the functions in Fugue.AWS.EC2.IpPermission.Target to construct the values for ipPermissions and ipPermissionsEgress.

Record {

Field: description

A useful description of the security group.

Type: String

Field: ipPermissions

A list of ingress rules, expressed as Fugue.Core.AWS.EC2.IpPermission values. Mutable.

Type: Optional<List<IpPermission>>

Field: ipPermissionsEgress

A list of egress rules, expressed as Fugue.Core.AWS.EC2.IpPermission values. If the field is omitted or None, the AWS defaults (all protocols and ports to “”) will be used. If a list is specified (including []), the default permission will be removed and the specified permissions added. Mutable.

Type: Optional<List<IpPermission>>

Field: vpc

The VPC with which to associate the security group. Only instances launched within this VPC may have this security group applied to them.

Type: Vpc

Field: tags

AWS tag key-value pairs to associate with the security group. Mutable.

Type: Optional<List<Tag>>




  ipPermissions: None
  ipPermissionsEgress: None
  tags: None

Security Group Specification (Default Values)