security_group
Gets or updates an individual security_group resource, use security_groups to retrieve a list of resources or to create or delete a resource.
Overview
| Name | security_group |
| Type | Resource |
| Description | Resource Type definition for AWS::EC2::SecurityGroup |
| Id | aws.ec2.security_group |
Fields
| Name | Datatype | Description |
|---|---|---|
group_description | string | A description for the security group. |
group_name | string | The name of the security group. |
vpc_id | string | The ID of the VPC for the security group. |
id | string | The group name or group ID depending on whether the SG is created in default or specific VPC |
security_group_ingress | array | The inbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group. |
security_group_egress | array | [VPC only] The outbound rules associated with the security group. There is a short interruption during which you cannot connect to the security group. |
tags | array | Any tags assigned to the security group. |
group_id | string | The group ID of the specified security group. |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
get_resource | SELECT | data__Identifier, region |
SELECT Example
SELECT
region,
group_description,
group_name,
vpc_id,
id,
security_group_ingress,
security_group_egress,
tags,
group_id
FROM aws.ec2.security_group
WHERE region = 'us-east-1' AND data__Identifier = '<Id>';
Permissions
To operate on the security_group resource, the following permissions are required:
Read
ec2:DescribeSecurityGroups
Update
ec2:RevokeSecurityGroupEgress,
ec2:RevokeSecurityGroupIngress,
ec2:DescribeSecurityGroups,
ec2:AuthorizeSecurityGroupEgress,
ec2:AuthorizeSecurityGroupIngress,
ec2:CreateTags,
ec2:DeleteTags