AWS CloudFormation
User Guide (API Version 2010-05-15)
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...

AWS::RDS::DBSecurityGroupIngress

The AWS::RDS::DBSecurityGroupIngress type enables ingress to a DBSecurityGroup using one of two forms of authorization. First, EC2 or VPC security groups can be added to the DBSecurityGroup if the application using the database is running on EC2 or VPC instances. Second, IP ranges are available if the application accessing your database is running on the Internet. For more information about DB security groups, see Working with DB security groups

This type supports updates. For more information about updating stacks, see AWS CloudFormation Stacks Updates.

For details about the settings for DB security group ingress, see AuthorizeDBSecurityGroupIngress.

Syntax

{
   "CIDRIP": String,
   "DBSecurityGroupName": String,
   "EC2SecurityGroupId": String,
   "EC2SecurityGroupName": String,
   "EC2SecurityGroupOwnerId": String
}     

Properties

CIDRIP

The IP range to authorize.

For an overview of CIDR ranges, go to the Wikipedia Tutorial.

Type: String

Required: No

Update requires: Replacement

DBSecurityGroupName

The name (ARN) of the AWS::RDS::DBSecurityGroup to which this ingress will be added.

Type: String

Required: Yes

Update requires: Replacement

EC2SecurityGroupId

The ID of the VPC or EC2 security group to authorize.

For VPC DB security groups, use EC2SecurityGroupId. For EC2 security groups, use EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId.

Type: String

Required: No

Update requires: Replacement

EC2SecurityGroupName

The name of the EC2 security group to authorize.

For VPC DB security groups, use EC2SecurityGroupId. For EC2 security groups, use EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId.

Type: String

Required: No

Update requires: Replacement

EC2SecurityGroupOwnerId

The AWS Account Number of the owner of the EC2 security group specified in the EC2SecurityGroupName parameter. The AWS Access Key ID is not an acceptable value.

For VPC DB security groups, use EC2SecurityGroupId. For EC2 security groups, use EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId.

Type: String

Required: No

Update requires: Replacement

Return Values

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, it returns the resource name.

For more information about using the Ref function, see Ref.

See Also