AWS EC2 Authorize Security Group Ingress
Version 1
This handler uses the AWS REST API to add a security group ingress rule to a security group. It implements a subset of the full AWS call (single rule submission only). Most of the inputs for this handler are conditionally required based on other input values: Source Security Group Name is required if a CIDR IP Address Range isn't specified, and vice versa. Also, if a Source Security Group Name and/or Source Security Group Owner ID are provided, the IP Protocol, From Port, To Port, and CIDR IP Address Range must be left blank. This handler returns no results, so if no errors are caught and raised, the rule has been successfully applied.
More specific information about these parameters can be found in the Amazon EC2 Ruby documentation (http://docs.aws.amazon.com/sdkforruby/api/Aws/EC2/Client.html#authorizesecuritygroupingress-instancemethod) and in the EC2 REST documentation (http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html).
The Dry Run parameter validates user permissions and inputs. If it is set to true, the handler will always raise an error before completing the handler action. The error response will be 'DryRunOperation' if the account has the proper permissions and inputs, or 'UnauthorizedOperation' if the account does not have the proper permissions.
Parameters

Name | Description
Dry Run | Dry run validates user permissions and inputs without completing the EC2 action (true or false).
Group Name | The name of the security group. Normally used for the EC2-Classic or the default VPC security group.
Group ID | The ID of the security group. Required for a non-default VPC.
Source Security Group Name | The name of the source security group. For EC2-VPC, the source security group must be in the same VPC.
Source Security Group Owner ID | The AWS account number for the source security group. For EC2-VPC, the source security group must be in the same VPC. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead.
IP Protocol | The IP protocol name (tcp, udp, icmp). (VPC only) Use -1 to specify all. You can't specify this parameter when specifying a source security group.
From Port | The start of the port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use -1 to specify all ICMP types. You can't specify this parameter when specifying a source security group.
To Port | The end of the port range for the TCP and UDP protocols, or an ICMP code number. For the ICMP code number, use -1 to specify all ICMP codes for the ICMP type. You can't specify this parameter when specifying a source security group.
CIDR IP Address Range | The CIDR IP address range. You can't specify this parameter when specifying a source security group.
Sample Configuration

Name | Value
Dry Run | false
Group Name | DevGroup
Group ID | sg-94a22af0
Source Security Group Name |
Source Security Group Owner ID |
IP Protocol | tcp
From Port | 22
To Port | 23
CIDR IP Address Range | 0.0.0.0/0
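The conditional input rules above can be checked before the call is made. The following is an added example, not the handler's own code: it validates the inputs against the rules stated in the description, builds the parameter hash that `Aws::EC2::Client#authorize_security_group_ingress` accepts for a single rule (the client itself is not called, so it runs offline), and flags a rule whose CIDR range is open to the whole Internet, as the sample configuration is. The input hash keyed by the handler's parameter names is an assumption.

```ruby
# Added example, not the handler's own code: enforces the conditional input rules
# described above and builds the hash that would be passed to
# Aws::EC2::Client#authorize_security_group_ingress (not called here, so it runs offline).
def blank?(v)
  v.nil? || v.to_s.strip.empty?
end
# Returns the request params hash, or raises ArgumentError naming the rule violated.
def build_ingress_params(inputs)
  src_name  = inputs['Source Security Group Name']
  src_owner = inputs['Source Security Group Owner ID']
  cidr      = inputs['CIDR IP Address Range']
  using_source_group = !blank?(src_name) || !blank?(src_owner)

  # Source Security Group Name is required when the CIDR range is blank, and vice versa.
  if blank?(src_name) && blank?(cidr)
    raise ArgumentError, 'Source Security Group Name or CIDR IP Address Range is required'
  end
  # With a source security group, protocol, ports and CIDR must be left blank.
  if using_source_group
    ['IP Protocol', 'From Port', 'To Port', 'CIDR IP Address Range'].each do |k|
      raise ArgumentError, "#{k} must be blank when a source security group is given" unless blank?(inputs[k])
    end
  end
  # Group Name (EC2-Classic / default VPC) or Group ID (non-default VPC) identifies the target group.
  raise ArgumentError, 'Group Name or Group ID is required' if blank?(inputs['Group Name']) && blank?(inputs['Group ID'])
  params = { dry_run: inputs['Dry Run'].to_s.downcase == 'true' }
  params[:group_name] = inputs['Group Name'] unless blank?(inputs['Group Name'])
  params[:group_id]   = inputs['Group ID']   unless blank?(inputs['Group ID'])
  if using_source_group
    params[:source_security_group_name]     = src_name  unless blank?(src_name)
    params[:source_security_group_owner_id] = src_owner unless blank?(src_owner)
  else
    params[:ip_protocol] = inputs['IP Protocol']
    params[:from_port]   = Integer(inputs['From Port'])
    params[:to_port]     = Integer(inputs['To Port'])
    params[:cidr_ip]     = cidr
  end
  params
end

# A rule whose CIDR admits every IPv4 or IPv6 address deserves review before it is applied.
def open_to_world?(params)
  ['0.0.0.0/0', '::/0'].include?(params[:cidr_ip])
end

# Constructed input mirroring the Sample Configuration table above.
SAMPLE_INPUTS = { 'Dry Run' => 'false', 'Group Name' => 'DevGroup', 'Group ID' => 'sg-94a22af0',
                  'Source Security Group Name' => '', 'Source Security Group Owner ID' => '', 'IP Protocol' => 'tcp',
                  'From Port' => '22', 'To Port' => '23', 'CIDR IP Address Range' => '0.0.0.0/0' }.freeze
p build_ingress_params(SAMPLE_INPUTS)
```

Running it against the sample configuration yields a tcp 22-23 rule from 0.0.0.0/0, which `open_to_world?` reports as open to every address.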
Results
This handler does not return any results.
Changelog
AWS EC2 Authorize Security Group Ingress V1 (2017-08-21)
- Initial version. See README for details.
Related Handlers
- AWS EC2 Associate Route Table: Associates a subnet with a route table.
- AWS EC2 Attach Internet Gateway: Attaches an Internet gateway to a VPC, enabling connectivity between the Internet and the VPC.
- AWS EC2 Create Internet Gateway: Creates an internet gateway.
- AWS EC2 Create Key Pair As Attachment: Creates a 2048-bit RSA key pair with the specified name and attaches the result to a Kinetic Request CE submission.
- AWS EC2 Create Key Pair: Creates a 2048-bit RSA key pair with the specified name.
- AWS EC2 Create Network Interface: Creates a network interface in the specified subnet. For more information see the Amazon Elastic Cloud Compute User Guide online.
- AWS EC2 Create Route Table: Creates a route table for the specified VPC.
- AWS EC2 Create Route: Creates a route in the route table within a VPC.
- AWS EC2 Create Security Group: This handler is used to create a security group in AWS.
- AWS EC2 Create Subnet: Creates a subnet in an existing VPC.
- AWS EC2 Create Tag: Creates a single tag against a single resource.
- AWS EC2 Create VPC: Creates a VPC.
- AWS EC2 Delete Internet Gateway: Deletes a VPC.
- AWS EC2 Delete Key Pair: Deletes the specified key pair, by removing the public key from Amazon EC2.
- AWS EC2 Delete Network Interface: Deletes the specified network interface. You must detach the network interface before you can delete it.
- AWS EC2 Delete Route Table: Deletes a specified route table.
- AWS EC2 Delete Route: Deletes the specified route from the specified route table.
- AWS EC2 Delete Security Group: Deletes a security group.
- AWS EC2 Delete Subnet: Deletes a specified subnet.
- AWS EC2 Delete Tag: Deletes a single tag against a single resource.
- AWS EC2 Delete VPC: Deletes a VPC.
- AWS EC2 Describe Availability Zone: Returns a single availability zone's Name, State, and Region.
- AWS EC2 Describe Availability Zones: Returns a set of availability zones and details for each of those zones.
- AWS EC2 Describe Images: Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions.
- AWS EC2 Detach Internet Gateway: Detaches an Internet gateway from a VPC, disabling connectivity between the Internet and the VPC.
- AWS EC2 Disassociate Route Table: Disassociates a subnet from a route table.
- AWS EC2 Image List: Retrieves the list of machine images attached to the AWS credentials supplied.
- AWS EC2 Image Retrieve: Retrieves the properties of the image supplied.
- AWS EC2 Instance List: Retrieves the list of machine instances attached to the AWS credentials supplied.
- AWS EC2 Instance Retrieve Status: Retrieves the status of a particular EC2 instance.
- AWS EC2 Instance Retrieve: Retrieves the properties of the machine instance supplied.
- AWS EC2 Instance Start: This handler sends a start request to an AWS EC2 machine instance.
- AWS EC2 Instance Stop: This handler sends a stop request to an AWS EC2 machine instance.
- AWS EC2 Modify Instance Attribute: Modifies the specified attribute of the specified instance. You can specify only one attribute at a time.
- AWS EC2 Revoke Security Group Ingress: Removes one or more ingress rules from a security group.
- AWS EC2 Run Instances: Launches the specified number of instances using an AMI for which you have permissions.