AuthorizeSecurityGroupIngress#

Description#

Adds one or more inbound rules to a security group. This action gives one or more CIDR IP address ranges permission to access a security group in your account, or gives one or more security groups (called source groups) permission to access a security group for your account.

Request Parameters#

  • GroupId — The ID of the security group.

    • Type: String

    • Required: Yes

  • IpPermissions.n.IpProtocol — The protocol.

    • Type: String

    • Required: Yes

    • Valid values: IP protocol name or number (see Protocol Numbers)

  • IpPermissions.n.FromPort — The start of port range for the TCP and UDP protocols, or an ICMP code. The value of -1 indicates all ICMP types.

    • Type: Integer

  • IpPermissions.n.ToPort — The end of port range for the TCP and UDP protocols, or an ICMP code. The value of -1 indicates all ICMP codes for the specified ICMP type.

    • Type: Integer

  • IpPermissions.n.Groups.n.UserId — The ID of the account.

    • Type: String

    • Required: Yes

    • Constraints: Can’t be used with IpPermissions.n.IpRanges.n.CidrIp and IpPermissions.n.Ipv6Ranges.n.CidrIpv6

  • IpPermissions.n.Groups.n.GroupId — The ID of the security group.

    • Type: String

    • Required: No

    • Constraints: Can’t be used with IpPermissions.n.IpRanges.n.CidrIp and IpPermissions.n.Ipv6Ranges.n.CidrIpv6

  • IpPermissions.n.Groups.n.Description — The description of the security group rule.

    • Type: String

    • Required: No

  • IpPermissions.n.IpRanges.n.CidrIp — The IPv4 address in CIDR notation.

    • Type: String

    • Required: No

    • Constraints: Can’t be used with IpPermissions.n.Groups and IpPermissions.n.Ipv6Ranges.n.CidrIpv6

  • IpPermissions.n.IpRanges.n.Description — The description of the security group rule.

    • Type: String

    • Required: No

  • IpPermissions.n.Ipv6Ranges.n.CidrIpv6 — The IPv6 address in CIDR notation.

    • Type: String

    • Required: No

    • Constraints: Can’t be used with IpPermissions.n.Groups and IpPermissions.n.IpRanges.n.CidrIp

  • IpPermissions.n.Ipv6Ranges.n.Description — The description of the security group rule.

    • Type: String

    • Required: No

Response Elements#

  • requestId — The request ID

    • Type: String

  • returnTrue is returned if the request succeeds, and an error otherwise

    • Type: Boolean

Examples#

c2-ec2 AuthorizeSecurityGroupIngress GroupId <group_id> IpPermissions.1.IpProtocol icmp IpPermissions.1.FromPort -1 IpPermissions.1.ToPort -1 IpPermissions.1.IpRanges.1.CidrIp 0.0.0.0/0

c2-ec2 AuthorizeSecurityGroupIngress GroupId <group_id> IpPermissions.1.IpProtocol tcp IpPermissions.1.FromPort 22 IpPermissions.1.ToPort 22 IpPermissions.1.IpRanges.1.CidrIp 0.0.0.0/0

c2-ec2 AuthorizeSecurityGroupIngress GroupId <group_id> IpPermissions.1.IpProtocol 6 IpPermissions.1.FromPort 650 IpPermissions.1.ToPort 650 IpPermissions.1.Ipv6Ranges.1.CidrIpv6 ::/128

c2-ec2 AuthorizeSecurityGroupIngress GroupId <group_id> IpPermissions.1.IpProtocol udp IpPermissions.1.FromPort 650 IpPermissions.1.ToPort 700 IpPermissions.1.Groups.1.GroupId <group_id_2>