---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "stackit_security_group_rule Resource - stackit"
subcategory: ""
description: |-
  Security group rule resource schema. Must have a region specified in the provider configuration.
  ~> This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our guide https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources for how to opt-in to use beta resources.
---

# stackit_security_group_rule (Resource)

Security group rule resource schema. Must have a `region` specified in the provider configuration.

~> This resource is in beta and may be subject to breaking changes in the future. Use with caution. See our [guide](https://registry.terraform.io/providers/stackitcloud/stackit/latest/docs/guides/opting_into_beta_resources) for how to opt-in to use beta resources.

## Example Usage

```terraform
resource "stackit_security_group_rule" "example" {
  project_id        = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  security_group_id = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  direction         = "ingress"
  icmp_parameters = {
    code = 0
    type = 8
  }
  protocol = {
    name = "icmp"
  }
}
```

<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `direction` (String) The direction of the traffic which the rule should match. Some of the possible values are: Supported values are: `ingress`, `egress`.
- `project_id` (String) STACKIT project ID to which the security group rule is associated.
- `security_group_id` (String) The security group ID.

### Optional

- `description` (String) The rule description.
- `ether_type` (String) The ethertype which the rule should match.
- `icmp_parameters` (Attributes) ICMP Parameters. These parameters should only be provided if the protocol is ICMP. (see [below for nested schema](#nestedatt--icmp_parameters))
- `ip_range` (String) The remote IP range which the rule should match.
- `port_range` (Attributes) The range of ports. This should only be provided if the protocol is not ICMP. (see [below for nested schema](#nestedatt--port_range))
- `protocol` (Attributes) The internet protocol which the rule should match. (see [below for nested schema](#nestedatt--protocol))
- `remote_security_group_id` (String) The remote security group which the rule should match.

### Read-Only

- `id` (String) Terraform's internal resource ID. It is structured as "`project_id`,`security_group_id`,`security_group_rule_id`".
- `security_group_rule_id` (String) The security group rule ID.

<a id="nestedatt--icmp_parameters"></a>
### Nested Schema for `icmp_parameters`

Required:

- `code` (Number) ICMP code. Can be set if the protocol is ICMP.
- `type` (Number) ICMP type. Can be set if the protocol is ICMP.


<a id="nestedatt--port_range"></a>
### Nested Schema for `port_range`

Required:

- `max` (Number) The maximum port number. Should be greater or equal to the minimum.
- `min` (Number) The minimum port number. Should be less or equal to the maximum.


<a id="nestedatt--protocol"></a>
### Nested Schema for `protocol`

Optional:

- `name` (String) The protocol name which the rule should match. Either `name` or `number` must be provided.
- `number` (Number) The protocol number which the rule should match. Either `name` or `number` must be provided.