terraform, terraform-provider-aws

from_port and to_port values for icmp protocol ingress rule aws_security_group resource?


I want to set up an ingress "Custom ICMP (IPv4)" rule for a security group, and the aws_security_group page isn't clear on what I need to put for the from_port and to_port values. It says (similar for the to_port)

from_port - (Required) The start port (or ICMP type number if protocol is "icmp" or "icmpv6")

What is ICMP type number? If I do this manually in the AWS console, the port is defaulted to N/A.


Solution

  • You can get the ICMP type number from this site

    https://www.iana.org/assignments/icmp-parameters/icmp-parameters.xhtml

    Assuming you want to allow a ping (Echo) to your server you can use the following terraform configuration

    from_port = 8       # ICMP type 8 (Echo Request)
    to_port   = 0       # ICMP code 0
    protocol  = "icmp"


    If you want to allow all ICMP you can use the following configuration:

    from_port = -1      # -1 = all ICMP types
    to_port   = -1      # -1 = all ICMP codes
    protocol  = "icmp"


    Which was sourced from this blog:

    https://blog.jwr.io/terraform/icmp/ping/security/groups/2018/02/02/terraform-icmp-rules.html
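A fuller resource built on the type/code mapping the answer describes, added here as an example that is not part of the original question, answer or blog post. The `vpc_id` variable and the `management_cidr` default are assumed placeholders; the rules restrict ping to a management range instead of the whole internet and keep the type 3 / code 4 messages that Path MTU Discovery depends on.

```hcl
# Added example (not from the original question or answer). Assumes a VPC
# ID and a management CIDR are supplied; both values below are placeholders.
variable "vpc_id" {
  type = string
}

variable "management_cidr" {
  type    = string
  default = "10.0.0.0/16" # constructed example value, replace for your network
}

resource "aws_security_group" "icmp_example" {
  name        = "icmp-example"
  description = "ICMP rules expressed as type (from_port) and code (to_port)"
  vpc_id      = var.vpc_id

  # Echo Request (ping): ICMP type 8, code 0, only from the management range.
  ingress {
    description = "ping from management network"
    from_port   = 8
    to_port     = 0
    protocol    = "icmp"
    cidr_blocks = [var.management_cidr]
  }

  # Destination Unreachable / Fragmentation Needed: ICMP type 3, code 4.
  # Routers on any path may send these; blocking them breaks Path MTU Discovery.
  ingress {
    description = "PMTUD"
    from_port   = 3
    to_port     = 4
    protocol    = "icmp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Security groups are stateful: the Echo Reply to an allowed ping is returned
  # automatically, so no separate rule for ICMP type 0 is needed.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

`terraform plan` shows each ingress block as one ICMP rule with the type in the "from port" column and the code in the "to port" column, which is the mapping the provider documentation refers to.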