Skip to content

/AWS1/CL_EC2=>REVOKESECURITYGROUPEGRESS()

About RevokeSecurityGroupEgress

Removes the specified outbound (egress) rules from the specified security group.

You can specify rules using either rule IDs or security group rule properties. If you use rule properties, the values that you specify (for example, ports) must match the existing rule's values exactly. Each rule has a protocol, from and to ports, and destination (CIDR range, security group, or prefix list). For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not need to specify the description to revoke the rule.

For a default VPC, if the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.

Amazon Web Services recommends that you describe the security group to verify that the rules were removed.

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

Method Signature

IMPORTING

Required arguments:

IV_GROUPID TYPE /AWS1/EC2SECURITYGROUPID /AWS1/EC2SECURITYGROUPID

The ID of the security group.

Optional arguments:

IV_DRYRUN TYPE /AWS1/EC2BOOLEAN /AWS1/EC2BOOLEAN

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

IT_IPPERMISSIONS TYPE /AWS1/CL_EC2IPPERMISSION=>TT_IPPERMISSIONLIST TT_IPPERMISSIONLIST

The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.

IT_SECURITYGROUPRULEIDS TYPE /AWS1/CL_EC2SECGRPRULEIDLIST_W=>TT_SECURITYGROUPRULEIDLIST TT_SECURITYGROUPRULEIDLIST

The IDs of the security group rules.

IV_CIDRIP TYPE /AWS1/EC2STRING /AWS1/EC2STRING

Not supported. Use a set of IP permissions to specify the CIDR.

IV_FROMPORT TYPE /AWS1/EC2INTEGER /AWS1/EC2INTEGER

Not supported. Use a set of IP permissions to specify the port.

IV_IPPROTOCOL TYPE /AWS1/EC2STRING /AWS1/EC2STRING

Not supported. Use a set of IP permissions to specify the protocol name or number.

IV_TOPORT TYPE /AWS1/EC2INTEGER /AWS1/EC2INTEGER

Not supported. Use a set of IP permissions to specify the port.

IV_SOURCESECURITYGROUPNAME TYPE /AWS1/EC2STRING /AWS1/EC2STRING

Not supported. Use a set of IP permissions to specify a destination security group.

IV_SOURCESECGROUPOWNERID TYPE /AWS1/EC2STRING /AWS1/EC2STRING

Not supported. Use a set of IP permissions to specify a destination security group.

RETURNING

OO_OUTPUT TYPE REF TO /AWS1/CL_EC2RVKESECGRPEGRRSLT /AWS1/CL_EC2RVKESECGRPEGRRSLT