[Feature]: Add security group ingress rule to the default SG created by module #86

@smcaulay-peaksware

Problem Statement

While the default SG created by the module is sufficient, it is not when using the self-hosted runner to run Packer. At the moment, I'm required to create a new security group so I may add this one rule:

{
  from_port   = 1024
  to_port     = 65535
  protocol    = "TCP"
  cidr_blocks = "my-vpc-cidr"
  description = "Required to run Packer on CodeBuild"
},

Proposed Solution

It would be nice to have the option to either create new SGs or add custom security group rules to the default SG created by the module.

Alternatives Considered

Create a new security group and use the security_group_ids var to override the default. While this works, the proposed solution of adding security group rules to the default SG feels cleaner.

Use Case

Executing Packer via CodeBuild-Github-Runner solution. The WinRM port is blocked unless that security group rule exists. I haven't tried our Packer code that uses the SSH communicator, but I'll likely run into the same issue I did with WinRM.

Feature Category

Networking / VPC

Priority

Medium - Would improve my workflow

Example Configuration

Additional Context

No response

Contribution

  • I'm willing to submit a pull request for this feature

Code of Conduct

  • I agree to follow this project's Code of Conduct


Labels: enhancement (New feature or request)
