[Enhancement]: Customize aws_cloudfront_vpc_origin for adding security group

[MitCoder]

Description

When I create the VPC origin within CloudFront, it automatically creates a Security Group associated with the VPC origin of CloudFront. I successfully created the VPC origin within CloudFront using Terraform with the resource aws_cloudfront_vpc_origin (Terraform 5.82.2)version ). However, I had to manually configure the Security Group to meet my requirements. I would like to find a way to customize the Security Group for VPC origin programmatically.

Affected Resource(s) and/or Data Source(s)

aws_cloudfront_vpc_origin

Potential Terraform Configuration

No response

References

https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_vpc_origin
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-vpc-origins.html

Would you like to implement a fix?

None

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[trevorrea]

I just came across this and it's really annoying! It's not solely the fact that you can't manage it. It's the fact you don't seem to get a unique security group per CloudFront distribution as well. It seems a bit half-baked from AWS.

The name is CloudFront-VPCOrigins-Service-SG with the tag aws.cloudfront.vpcorigin = enabled