AWS EC2 Revoke Security Group Ingress Version 1

This handler uses the AWS REST API to remove one or more ingress rules from a security group. The values that you specify in the revoke request (for example, ports) must match the existing rule's values for the rule to be removed.

Each rule consists of the protocol and the CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code.

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

This handler implements a subset of the full AWS call (single rule submission only). For more information see the AWS Amazon Virtual Private Cloud User Guide online.

The Dry Run parameter validates user permissions and inputs. If it is set to true, the handler always throws an error before completing the handler action. The error response will be 'DryRunOperation' if the account has proper permissions and inputs, or 'UnauthorizedOperation' if the account does not have proper permissions.

Parameters

| Name | Description |
| --- | --- |
| Dry Run | Dry run validates user permissions and inputs without completing the EC2 action (true or false). |
| Group Name | The name of the security group. |
| Group ID | The ID of the security group. Required for a non-default VPC. |
| Source Security Group Name | The name of the source security group. |
| Source Security Owner ID | The AWS account ID for the source security group. |
| IP Protocol | The IP protocol name (tcp, udp, icmp). Use -1 to specify all. |
| From Port | The start of port range for the TCP and UDP protocols, or an ICMP type number. |
| To Port | The end of port range for the TCP and UDP protocols, or an ICMP code number. |
| CIDR IP Address Range | The CIDR IP address range. |
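
A pre-flight check for the matching requirement and the Dry Run error codes described above, as an added example that is not part of the handler or its README. The function names, the dictionary keys and the sample rules are assumptions made for illustration; the sample data is constructed.

```python
import ipaddress

# Constructed sample shaped like the IpPermissions list of an EC2 security group.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [],
     "UserIdGroupPairs": [{"GroupName": "app-tier", "UserId": "111122223333"}]},
]

def validate_revoke(p):
    """Return a list of problems with a single-rule revoke request."""
    problems = []
    proto = str(p.get("ip_protocol", "")).lower()
    if proto not in ("tcp", "udp", "icmp", "-1"):
        problems.append("IP Protocol must be tcp, udp, icmp or -1")
    elif proto != "-1" and None in (p.get("from_port"), p.get("to_port")):
        problems.append("From Port and To Port are required for " + proto)
    # Assumption of this example: exactly one source kind per request.
    if bool(p.get("cidr_ip")) == bool(p.get("source_group_name")):
        problems.append("give exactly one of CIDR range or source security group")
    if p.get("cidr_ip"):
        try:
            ipaddress.ip_network(p["cidr_ip"], strict=False)
        except ValueError:
            problems.append("CIDR IP Address Range is not a valid network")
    return problems

def matching_rule(p, permissions):
    """Return the existing rule the request matches exactly, or None."""
    proto = str(p["ip_protocol"]).lower()
    for perm in permissions:
        if perm["IpProtocol"] != proto:
            continue
        if proto != "-1" and (perm.get("FromPort"), perm.get("ToPort")) != (
                int(p["from_port"]), int(p["to_port"])):
            continue
        if p.get("cidr_ip"):
            if any(r["CidrIp"] == p["cidr_ip"] for r in perm.get("IpRanges", [])):
                return perm
        elif any(g.get("GroupName") == p.get("source_group_name")
                 and g.get("UserId") == p.get("source_owner_id")
                 for g in perm.get("UserIdGroupPairs", [])):
            return perm
    return None

def dry_run_outcome(error_code):
    """Map the handler's Dry Run error code to a go/no-go decision."""
    return {"DryRunOperation": "permitted",
            "UnauthorizedOperation": "unauthorized"}.get(error_code, "other-error")
```

A request for ports 22-23 returns `None` from `matching_rule` against the sample, so the existing 22-22 rule would stay in place; checking for that before and after the revoke confirms the exposure was actually closed.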

Sample Configuration

Name Description
Dry Run
Group Name
Group ID
Source Security Group Name
Source Security Owner ID
IP Protocol
From Port
To Port
CIDR IP Address Range

Results

This handler does not return any results.

Changelog

AWS EC2 Revoke Security Group Ingress V1 (2017-08-24)

  • Initial version. See README for details.


Related Handlers

AWS EC2 Attach Internet Gateway
Attaches an Internet gateway to a VPC, enabling connectivity between the Internet and the VPC.
AWS EC2 Authorize Security Group Ingress
Add a security group ingress rule to a security group.
AWS EC2 Create Internet Gateway
Creates an internet gateway
AWS EC2 Create Key Pair As Attachment
Creates a 2048-bit RSA key pair with the specified name and attaches the result to a Kinetic Request CE submission.
AWS EC2 Create Key Pair
Creates a 2048-bit RSA key pair with the specified name.
AWS EC2 Create Network Interface
Creates a network interface in the specified subnet. For more information see the Amazon Elastic Cloud Compute User Guide online.
AWS EC2 Create Route
Creates a route in the route table within a VPC.
AWS EC2 Create Security Group
This handler is used to create a security group in AWS.
AWS EC2 Create Subnet
Creates a subnet in an existing VPC.
AWS EC2 Create Tag
Creates a single tag against a single resource.
AWS EC2 Create VPC
Creates a VPC
AWS EC2 Delete Internet Gateway
Deletes a VPC
AWS EC2 Delete Network Interface
Deletes the specified network interface. You must detach the network interface before you can delete it.
AWS EC2 Delete Route Table
Deletes a specified route table.
AWS EC2 Delete Route
Deletes the specified route from the specified route table.
AWS EC2 Delete Security Group
Deletes a security group.
AWS EC2 Delete Subnet
Deletes a specified subnet.
AWS EC2 Delete Tag
Deletes a single tag against a single resource.
AWS EC2 Delete VPC
Deletes a VPC
AWS EC2 Describe Availability Zones
Returns a set of availability zones and details for each of those zones.
AWS EC2 Describe Images
Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions.
AWS EC2 Detach Internet Gateway
Detaches an Internet gateway from a VPC, disabling connectivity between the Internet and the VPC.
AWS EC2 Disassociate Route Table
Disassociates a subnet from a route table.
AWS EC2 Image Retrieve
Retrieves the properties of the image supplied
AWS EC2 Instance List
Retrieves list of machine instances attached to the AWS credentials supplied
AWS EC2 Instance Retrieve Status
Retrieves the status of a particular EC2 instance.
AWS EC2 Instance Retrieve
Retrieves the properties of the machine instance supplied
AWS EC2 Instance Start
This handler sends a start request to an AWS EC2 machine instance
AWS EC2 Instance Stop
This handler sends a stop request to an AWS EC2 machine instance
AWS EC2 Modify Instance Attribute
Modifies the specified attribute of the specified instance. You can specify only one attribute at a time.
AWS EC2 Run Instances
Launches the specified number of instances using an AMI for which you have permissions.