[VPC only] Removes the specified outbound (egress) rules from a security group for EC2-VPC.
This action does not apply to security groups for use in EC2-Classic.
You can specify rules using either rule IDs or security group rule properties. If you use
rule properties, the values that you specify (for example, ports) must match the existing rule's
values exactly. Each rule has a protocol, from and to ports, and destination (CIDR range,
security group, or prefix list). For the TCP and UDP protocols, you must also specify the
destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type
and code. If the security group rule has a description, you do not need to specify the description
to revoke the rule.
[Default VPC] If the values you specify do not match the existing rule's values, no error is
returned, and the output describes the security group rules that were not revoked.
Amazon Web Services recommends that you describe the security group to verify that the rules were removed.
Rule changes are propagated to instances within the security group as quickly as possible. However,
a small delay might occur.
example
Use a bare-bones client and the command you need to make an API call.
[VPC only] Removes the specified outbound (egress) rules from a security group for EC2-VPC. This action does not apply to security groups for use in EC2-Classic.
You can specify rules using either rule IDs or security group rule properties. If you use rule properties, the values that you specify (for example, ports) must match the existing rule's values exactly. Each rule has a protocol, from and to ports, and destination (CIDR range, security group, or prefix list). For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not need to specify the description to revoke the rule.
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
Amazon Web Services recommends that you describe the security group to verify that the rules were removed.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
Use a bare-bones client and the command you need to make an API call.
import { EC2Client, RevokeSecurityGroupEgressCommand } from "@aws-sdk/client-ec2"; // ES Modules import // const { EC2Client, RevokeSecurityGroupEgressCommand } = require("@aws-sdk/client-ec2"); // CommonJS import const client = new EC2Client(config); const command = new RevokeSecurityGroupEgressCommand(input); const response = await client.send(command);RevokeSecurityGroupEgressCommandInput for command's
inputshape.RevokeSecurityGroupEgressCommandOutput for command's
responseshape.config for EC2Client's
configshape.