copilot-cli icon indicating copy to clipboard operation
copilot-cli copied to clipboard

Published 20 hours ago verified publisher icon aws

Specify an existing security group id for app runner

Open Danwakeem opened this issue 1 year ago • 3 comments

It doesn't look like there is a way to specify an existing security group when deploying a request driven web service.

It would be nice if there was a way to specify an existing security group like this 👇

network:
  vpc:
    id: vpc-xxx
    subnets:
      public:
        - id: subnet-xxx
        - id: subnet-xxx
      private:
        - id: subnet-xxx
        - id: subnet-xxx
    security_group:
        - id: sg-xxx

Danwakeem avatar Oct 18 '23 02:10 Danwakeem

Hello @Danwakeem !

If you want your request driven web service to be connected to VPC.

You can set network.vpc.placement to private. And copilot will associate a security group to allow ingress from the app runner service to other services in your environment.

If you want to bring in your own security group you can use yamplatches to add the aditional security group to attach for your request driven service. let us know if this helps!

KollaAdithya avatar Oct 18 '23 21:10 KollaAdithya

Any examples for a yaml patch to add an additional security group to a copilot service?

clay-risser avatar Nov 30 '23 17:11 clay-risser

This issue is stale because it has been open 60 days with no response activity. Remove the stale label, add a comment, or this will be closed in 14 days.

github-actions[bot] avatar Jan 30 '24 00:01 github-actions[bot]

This issue is stale because it has been open 60 days with no response activity. Remove the stale label, add a comment, or this will be closed in 14 days.

github-actions[bot] avatar Mar 31 '24 00:03 github-actions[bot]

This issue is closed due to inactivity. Feel free to reopen the issue if you have any further questions!

github-actions[bot] avatar Apr 14 '24 00:04 github-actions[bot]