1 Answer
- Newest
- Most votes
- Most comments
1
Compared to cloudformation CDK is opinionated and includes settings to shortcut creating a resource. In your example a IOT vpc endpoint must allow 443 inbound for it to be at all useful so this rule is automatically added by default. You can override this be setting the parameter "open" to false (it is default true). See in docs
Relevant content
- asked a year ago
- asked 7 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
Thanks Peter, I didn't spot the 'open' prop! (And I think using the InterfaceVpcEndpoint construct is more appropriate in my context than the Vpc construct method). In my real code, I have other SG rules, so it's useful without 443 i/b :-)