Amazon ElastiCache
API Reference (API Version 2015-02-02)

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.


Allows network ingress to a cache security group. Applications using ElastiCache must be running on Amazon EC2, and Amazon EC2 security groups are used as the authorization mechanism.


You cannot authorize ingress from an Amazon EC2 security group in one region to an ElastiCache cluster in another region.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.


The cache security group that allows network ingress.

Type: String

Required: Yes


The Amazon EC2 security group to be authorized for ingress to the cache security group.

Type: String

Required: Yes


The AWS account number of the Amazon EC2 security group owner. Note that this is not the same thing as an AWS access key ID - you must provide a valid AWS account number for this parameter.

Type: String

Required: Yes

Response Elements

The following element is returned by the service.


Represents the output of one of the following operations:

  • AuthorizeCacheSecurityGroupIngress

  • CreateCacheSecurityGroup

  • RevokeCacheSecurityGroupIngress

Type: CacheSecurityGroup object


For information about the errors that are common to all actions, see Common Errors.


The specified Amazon EC2 security group is already authorized for the specified cache security group.

HTTP Status Code: 400


The requested cache security group name does not refer to an existing cache security group.

HTTP Status Code: 404


The current state of the cache security group does not allow deletion.

HTTP Status Code: 400


Two or more incompatible parameters were specified.

HTTP Status Code: 400


The value for a parameter is invalid.

HTTP Status Code: 400



Sample Request ?Action=AuthorizeCacheSecurityGroupIngress &EC2SecurityGroupName=default &CacheSecurityGroupName=mygroup &EC2SecurityGroupOwnerId=1234-5678-1234 &Version=2015-02-02 &SignatureVersion=4 &SignatureMethod=HmacSHA256 &Timestamp=20150202T192317Z &X-Amz-Credential=<credential>


Sample Response

<AuthorizeCacheSecurityGroupIngressResponse xmlns=""> <AuthorizeCacheSecurityGroupIngressResult> <CacheSecurityGroup> <EC2SecurityGroups> <EC2SecurityGroup> <Status>authorizing</Status> <EC2SecurityGroupName>default</EC2SecurityGroupName> <EC2SecurityGroupOwnerId>565419523791</EC2SecurityGroupOwnerId> </EC2SecurityGroup> </EC2SecurityGroups> <CacheSecurityGroupName>mygroup</CacheSecurityGroupName> <OwnerId>123456781234</OwnerId> <Description>My security group</Description> </CacheSecurityGroup> </AuthorizeCacheSecurityGroupIngress> <ResponseMetadata> <RequestId>817fa999-3647-11e0-ae57-f96cfe56749c</RequestId> </ResponseMetadata> </AuthorizeCacheSecurityGroupIngressResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: