Amazon Web Services: EC2 - Security Groups
Summary
This module contains actions for viewing & managing EC2 security groups.
Actions
aws.ec2.security_groups.create
Create a new security group.
Minimum Plugin Version: 2.0.0
Idempotent Action
This action will do nothing if a security group already exists with the same name.
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- name: the new security group name
- description: a description for the new security group
- vpc_id: the VPC ID to create the group in (defaults to the region's default VPC)
Output
- true if the security group was created
- false if a security group with the same name already exists
Example
aws.ec2.security_groups.create_inbound_rule
Create an inbound rule in a security group.
Minimum Plugin Version: 2.0.0
Idempotent Action
This action will do nothing if a matching inbound rule already exists in the security group.
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- group_id: the ID of the security group
- protocol: the inbound rule protocol (tcp, udp, or -1 for any)
- from_port: the start of the rule port range
- to_port: the end of the rule port range
- cidr: the CIDR address for permitted traffic
- rule_description: a description for the rule (defaults to empty)
Output
- true if the inbound rule was created
- false if a matching inbound rule already exists
Example
aws.ec2.security_groups.delete
Delete a security group.
Minimum Plugin Version: 2.0.0
Idempotent Action
This action will do nothing if the supplied group doesn't exist.
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- group_id: the ID of the group to delete
Output
- true if the security group was deleted
- false if it does not exist
Example
Finding a group with get_by_name, saving it as group, & deleting it:
aws.ec2.security_groups.get_all
Get all security groups.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A list of EC2SecurityGroup dictionaries.
Example
aws.ec2.security_groups.get_by_id
Get a security group with a specific group ID.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- group_id: the security group ID to search for
Output
A single EC2SecurityGroup dictionary.
Example
aws.ec2.security_groups.get_by_inbound_cidr
Get all security groups that have inbound rules for the supplied CIDR address.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- cidr: the source CIDR address
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A list of EC2SecurityGroup dictionaries.
Example
aws.ec2.security_groups.get_by_inbound_port
Get all security groups that have inbound rules for the supplied port.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- port: the inbound port
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A list of EC2SecurityGroup dictionaries.
Example
aws.ec2.security_groups.get_by_inbound_protocol
Get all security groups that have inbound rules for the supplied protocol.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- protocol: the inbound rule protocol (tcp, udp, or -1 for any)
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A list of EC2SecurityGroup dictionaries.
Example
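The matching that get_by_inbound_cidr, get_by_inbound_port and get_by_inbound_protocol describe, sketched in Python as an added example (not the plugin's own code or action syntax). It assumes groups shaped like the EC2 DescribeSecurityGroups response rather than the plugin's EC2SecurityGroup dictionary, treats a -1 rule as matching every protocol and port, and matches a CIDR when a rule's range contains it; the group IDs and rules are constructed.

```python
import ipaddress

# Constructed sample in the EC2 DescribeSecurityGroups response shape
# (assumption: the plugin's EC2SecurityGroup dictionary may be laid out differently).
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]},
    {"GroupId": "sg-0ccc", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0ddd", "IpPermissions": [
        {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
]


def rule_matches(rule, protocol=None, port=None, cidr=None):
    """True if one inbound rule admits the given protocol, port and source CIDR."""
    any_proto = rule["IpProtocol"] == "-1"
    if protocol is not None and not any_proto and rule["IpProtocol"] != protocol:
        return False
    # A -1 rule carries no FromPort/ToPort and admits every port.
    if port is not None and not any_proto:
        if not rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535):
            return False
    if cidr is not None:
        wanted = ipaddress.ip_network(cidr)
        # Containment, not string equality: 0.0.0.0/0 covers every IPv4 source.
        return any(
            net.version == wanted.version and wanted.subnet_of(net)
            for net in (ipaddress.ip_network(r["CidrIp"])
                        for r in rule.get("IpRanges", []))
        )
    return True


def groups_with_inbound(groups, **criteria):
    """IDs of groups with at least one inbound rule matching every criterion."""
    return [g["GroupId"] for g in groups
            if any(rule_matches(r, **criteria) for r in g.get("IpPermissions", []))]


if __name__ == "__main__":
    # Groups reachable on SSH from anywhere: only the allow-all rule qualifies.
    print(groups_with_inbound(SAMPLE_GROUPS, protocol="tcp", port=22, cidr="0.0.0.0/0"))
```

Filtering on port 22 alone also returns the group whose only rule is protocol -1, which a comparison against FromPort and ToPort would miss.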
aws.ec2.security_groups.get_by_name
Get a security group with a specific name.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- name: the security group name to search for
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A single EC2SecurityGroup dictionary.
Example
aws.ec2.security_groups.get_no_instance
Get all security groups that are not associated with an instance.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A list of EC2SecurityGroup dictionaries.
Example
aws.ec2.security_groups.get_no_network_interface
Get all security groups that are not associated with a network interface.
Minimum Plugin Version: 2.0.0
Input
- aws_client: an AWSClient dictionary
- region_name: the EC2 region name
- vpc_id: the VPC ID to look in (defaults to all VPCs for the supplied region)
Output
A list of EC2SecurityGroup dictionaries.
Example
aws.ec2.security_groups.input_table
Display a list of security groups in a table, & allow the task operator to make a selection.
The table will have the following columns:
- Name
- ID
- Description
- Inbound Rule Count
- Outbound Rule Count
- VPC ID
Minimum Plugin Version: 2.0.0
Input
- text: the title of the table
- groups: a list of EC2SecurityGroup dictionaries to display in the table
- minimum: The minimum number of acceptable selections
- maximum: The maximum number of acceptable selections
Output
A list of EC2SecurityGroup dictionaries.
Tip
- If neither a minimum nor a maximum is provided, the task operator will be able to submit 0 selections.
- If a minimum or maximum is provided, the operation will repeat until a valid number of selections is made.
Example
Finding security groups with get_all, saving them as groups, & waiting for a single selection:
aws.ec2.security_groups.output_inbound_rule_table
Display the inbound rules for a security group in a table.
The table will have the following columns:
- Protocol
- From Port
- To Port
- Allowed IPv4 CIDR
- Description
Minimum Plugin Version: 2.0.0
Input
- text: the title of the table
- group: a single EC2SecurityGroup dictionary
Output
Nothing is outputted by this action.
Example
Finding a security group with get_by_name, saving it as group, & displaying the inbound rules:
aws.ec2.security_groups.output_table
Display a list of security groups in a table.
The table will have the following columns:
- Name
- ID
- Description
- Inbound Rule Count
- Outbound Rule Count
- VPC ID
Minimum Plugin Version: 2.0.0
Input
- text: the title of the table
- groups: a single or list of EC2SecurityGroup dictionaries
Output
Nothing is outputted by this action.
Single Group
Finding a security group with get_by_name, saving it as group, & displaying it:
Multiple Groups
Finding all security groups with get_all, saving them as groups, & displaying them: