You are viewing documentation for version 2 of the AWS SDK for Ruby.
Class: Aws::EC2::SecurityGroup
- Inherits: Resources::Resource
  - Object
    - Resources::Resource
      - Aws::EC2::SecurityGroup
- Defined in: (unknown)
Instance Attribute Summary
- #description ⇒ String (readonly): A description of the security group.
- #group_id ⇒ String (readonly): The ID of the security group.
- #group_name ⇒ String (readonly): The name of the security group.
- #id ⇒ String (readonly)
- #ip_permissions ⇒ Array<Types::IpPermission> (readonly): The inbound rules associated with the security group.
- #ip_permissions_egress ⇒ Array<Types::IpPermission> (readonly): [VPC only] The outbound rules associated with the security group.
- #owner_id ⇒ String (readonly): The AWS account ID of the owner of the security group.
- #tags ⇒ Array<Types::Tag> (readonly): Any tags assigned to the security group.
- #vpc_id ⇒ String (readonly): [VPC only] The ID of the VPC for the security group.
Attributes inherited from Resources::Resource
Instance Method Summary
- #authorize_egress(options = {}) ⇒ Struct: [VPC only] Adds the specified egress rules to a security group for use with a VPC. An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances associated with the specified destination security groups. You specify a protocol for each rule (for example, TCP).
- #authorize_ingress(options = {}) ⇒ Struct: Adds the specified ingress rules to a security group. An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address ranges, or from the instances associated with the specified destination security groups. You specify a protocol for each rule (for example, TCP).
- #create_tags(options = {}) ⇒ Array<Tag>
- #delete(options = {}) ⇒ Struct: Deletes a security group. If you attempt to delete a security group that is associated with an instance, or is referenced by another security group, the operation fails with InvalidGroup.InUse in EC2-Classic or DependencyViolation in EC2-VPC.
- #delete_tags(options = {}) ⇒ Array<Tag>
- #initialize ⇒ Object (constructor)
- #revoke_egress(options = {}) ⇒ Types::RevokeSecurityGroupEgressResult: [VPC only] Removes the specified egress rules from a security group for EC2-VPC.
- #revoke_ingress(options = {}) ⇒ Types::RevokeSecurityGroupIngressResult: Removes the specified ingress rules from a security group.
Methods inherited from Resources::Resource
add_data_attribute, add_identifier, #data, data_attributes, #data_loaded?, identifiers, #load, #wait_until
Methods included from Resources::OperationMethods
#add_batch_operation, #add_operation, #batch_operation, #batch_operation_names, #batch_operations, #operation, #operation_names, #operations
Constructor Details
#initialize(id, options = {}) ⇒ Object
#initialize(options = {}) ⇒ Object
Instance Attribute Details
#description ⇒ String (readonly)
A description of the security group.
#group_id ⇒ String (readonly)
The ID of the security group.
#group_name ⇒ String (readonly)
The name of the security group.
#id ⇒ String (readonly)
#ip_permissions ⇒ Array<Types::IpPermission> (readonly)
The inbound rules associated with the security group.
#ip_permissions_egress ⇒ Array<Types::IpPermission> (readonly)
[VPC only] The outbound rules associated with the security group.
#owner_id ⇒ String (readonly)
The AWS account ID of the owner of the security group.
#tags ⇒ Array<Types::Tag> (readonly)
Any tags assigned to the security group.
#vpc_id ⇒ String (readonly)
[VPC only] The ID of the VPC for the security group.
Instance Method Details
#authorize_egress(options = {}) ⇒ Struct
[VPC only] Adds the specified egress rules to a security group for use with a VPC.
An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes.
Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.
For more information about VPC security group limits, see Amazon VPC Limits.
#authorize_ingress(options = {}) ⇒ Struct
Adds the specified ingress rules to a security group.
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address ranges, or from the instances associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
For more information about VPC security group limits, see Amazon VPC Limits.
#create_tags(options = {}) ⇒ Array<Tag>
#delete(options = {}) ⇒ Struct
Deletes a security group.
If you attempt to delete a security group that is associated with an instance, or is referenced by another security group, the operation fails with InvalidGroup.InUse in EC2-Classic or DependencyViolation in EC2-VPC.
#delete_tags(options = {}) ⇒ Array<Tag>
#revoke_egress(options = {}) ⇒ Types::RevokeSecurityGroupEgressResult
[VPC only] Removes the specified egress rules from a security group for EC2-VPC. This action does not apply to security groups for use in EC2-Classic. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked. AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Each rule consists of the protocol and the IPv4 or IPv6 CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
#revoke_ingress(options = {}) ⇒ Types::RevokeSecurityGroupIngressResult
Removes the specified ingress rules from a security group. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
[EC2-Classic, default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked. AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Each rule consists of the protocol and the CIDR range or source security group. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
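Because #revoke_egress and #revoke_ingress can return without error when a request matches no rule exactly, a revoke is worth auditing against the described rules. The following is an added example, not part of the SDK or its documentation: it makes no AWS calls, the helper names (ipv4_rule_tuples, audit_revoke) are hypothetical, the sample rules are constructed, and only IPv4 ranges are handled.

```ruby
# Added example (not SDK code). Rules are read with [], so Hashes and Structs both work.
# One [protocol, from_port, to_port, cidr] tuple per IPv4 range. Only
# ip_ranges/cidr_ip are covered (assumption to keep the example short).
def ipv4_rule_tuples(ip_permissions)
  ip_permissions.flat_map do |perm|
    (perm[:ip_ranges] || []).map do |range|
      [perm[:ip_protocol].to_s, perm[:from_port], perm[:to_port], range[:cidr_ip]]
    end
  end
end

# Classify every requested rule using the state before and after the revoke.
# Rule descriptions are ignored, since a revoke does not need them to match.
def audit_revoke(requested, before, after)
  req = ipv4_rule_tuples(requested)
  pre = ipv4_rule_tuples(before)
  post = ipv4_rule_tuples(after)
  {
    unmatched: req - pre,           # never matched an existing rule exactly
    removed: (req & pre) - post,    # matched and no longer described
    still_present: req & post       # matched but still described afterwards
  }
end

# Constructed sample data (not real output): ingress rules before the revoke.
BEFORE = [
  { ip_protocol: 'tcp', from_port: 22, to_port: 22,
    ip_ranges: [{ cidr_ip: '0.0.0.0/0', description: 'temp ssh' },
                { cidr_ip: '203.0.113.0/24' }] },
  { ip_protocol: 'tcp', from_port: 443, to_port: 443,
    ip_ranges: [{ cidr_ip: '0.0.0.0/0' }] }
].freeze

# Revoke request: one exact rule and one near miss (ports 22-23, not 22-22).
REQUESTED = [
  { ip_protocol: 'tcp', from_port: 22, to_port: 22,
    ip_ranges: [{ cidr_ip: '0.0.0.0/0' }] },
  { ip_protocol: 'tcp', from_port: 22, to_port: 23,
    ip_ranges: [{ cidr_ip: '203.0.113.0/24' }] }
].freeze

# Constructed state after the revoke: only the exact match was removed.
AFTER = [
  { ip_protocol: 'tcp', from_port: 22, to_port: 22,
    ip_ranges: [{ cidr_ip: '203.0.113.0/24' }] },
  BEFORE[1]
].freeze

p audit_revoke(REQUESTED, BEFORE, AFTER) if __FILE__ == $PROGRAM_NAME
```

With the SDK, before and after would be the #ip_permissions (or #ip_permissions_egress) values read before the revoke and again after reloading the resource with #load; any entry under unmatched or still_present means an inbound or outbound path the operator expected to close is still open.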