
Modify the rules of a security group.

Inputs

Field

Type

Description

region [required]

enum

default: us-east-1

groupId [required]

string

The ID of the security group.

securityGroupRules [required]

[object]

Information about the security group properties to update.

SecurityGroupRuleId [required]

string

The ID of the security group rule.

SecurityGroupRule

object

Information about the security group rule.

IpProtocol

string

The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers). Use -1 to specify all protocols.

FromPort

number

The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

ToPort

number

The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.

CidrIpv4

string

The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.

CidrIpv6

string

The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.

PrefixListId

string

The ID of the prefix list.

ReferencedGroupId

string

The ID of the security group that is referenced in the security group rule.

Description

string

The description of the security group rule.
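
A pre-flight check for the `securityGroupRules` input, added here as an example and not part of the original page or of the action's own code. It applies the constraints this page documents: port and ICMP type/code pairing, the all-ports behaviour of `-1` and other protocol numbers, the "CIDR block or source security group, not both" rule, and the description character set. The names `check_rule` and `SAMPLE` are hypothetical, and applying the description constraint to the input field is an assumption.

```python
import ipaddress
import re
# Constraint quoted on this page for IPv4/IPv6 range descriptions; applying it
# to the input Description field is an assumption.
DESC_RE = re.compile(r"[a-zA-Z0-9 ._\-:/()#,@\[\]+=&;{}!$*]{0,255}")
PORTED = {"tcp", "6", "udp", "17"}    # names and IANA protocol numbers
ICMP = {"icmp", "1", "icmpv6", "58"}

def check_rule(entry):
    """Return findings for one securityGroupRules entry (empty list = clean)."""
    out = []
    if not entry.get("SecurityGroupRuleId"):
        out.append("SecurityGroupRuleId is required")
    rule = entry.get("SecurityGroupRule") or {}
    proto = str(rule.get("IpProtocol", "")).lower()
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if proto in PORTED:
        if lo is None or hi is None:
            out.append("tcp/udp needs FromPort and ToPort")
        elif not 0 <= lo <= hi <= 65535:
            out.append(f"bad port range {lo}-{hi}")
    elif proto in ICMP:
        if lo == -1 and hi != -1:
            out.append("all ICMP types (-1) requires all codes (-1)")
    elif proto:  # -1 or any other protocol number
        out.append(f"protocol {proto} allows all ports; port range is ignored")
    for key in ("CidrIpv4", "CidrIpv6"):
        cidr = rule.get(key)
        if cidr is None:
            continue
        if rule.get("ReferencedGroupId"):
            out.append(f"{key} and ReferencedGroupId are both set")
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            out.append(f"{key} {cidr!r} is not a valid CIDR")
            continue
        if net.prefixlen == 0:
            out.append(f"{key} {cidr} matches every address")
    if not DESC_RE.fullmatch(rule.get("Description") or ""):
        out.append("Description violates length or character constraints")
    return out

SAMPLE = [  # constructed payload; rule IDs are placeholders
    {"SecurityGroupRuleId": "sgr-EXAMPLE1", "SecurityGroupRule": {"IpProtocol": "tcp",
     "FromPort": 443, "ToPort": 443, "CidrIpv4": "203.0.113.7/32", "Description": "office IP"}},
    {"SecurityGroupRuleId": "sgr-EXAMPLE2", "SecurityGroupRule": {"IpProtocol": "-1",
     "FromPort": 22, "ToPort": 22, "CidrIpv4": "0.0.0.0/0", "Description": "temp <debug>"}},
]
```

The second sample entry looks like an SSH-only rule but yields three findings, because `-1` overrides the 22-22 range and `0.0.0.0/0` admits any source.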

Outputs

Field

Type

Description

securityGroupInfo [required]

[object]

Description

string

A description of the security group.

GroupName

string

The name of the security group.

IpPermissions

[object]

The inbound rules associated with the security group.

FromPort

number

The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

IpProtocol

string

The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.

IpRanges

[object]

The IPv4 address ranges.

CidrIp

string

The IPv4 address range. You can either specify a CIDR block or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.

Description

string

A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*.

Ipv6Ranges

[object]

The IPv6 address ranges.

CidrIpv6

string

The IPv6 address range. You can either specify a CIDR block or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.

Description

string

A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*.

PrefixListIds

[object]

The prefix list IDs.

Description

string

A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*.

PrefixListId

string

The ID of the prefix.

ToPort

number

The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.

UserIdGroupPairs

[object]

The security group and Amazon Web Services account ID pairs.

Description

string

A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*.

GroupId

string

The ID of the security group.

GroupName

string

[Default VPC] The name of the security group. For a security group in a nondefault VPC, use the security group ID. For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.

PeeringStatus

string

The status of a VPC peering connection, if applicable.

UserId

string

The ID of an Amazon Web Services account. For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another Amazon Web Services account.

VpcId

string

The ID of the VPC for the referenced security group, if applicable.

VpcPeeringConnectionId

string

The ID of the VPC peering connection, if applicable.

OwnerId

string

The Amazon Web Services account ID of the owner of the security group.

GroupId

string

The ID of the security group.

IpPermissionsEgress

[object]

The outbound rules associated with the security group.

FromPort

number

The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

IpProtocol

string

The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range is optional; if you omit the port range, traffic for all types and codes is allowed.

IpRanges

[object]

The IPv4 address ranges.

CidrIp

string

The IPv4 address range. You can either specify a CIDR block or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.

Description

string

A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*.

Ipv6Ranges

[object]

The IPv6 address ranges.

CidrIpv6

string

The IPv6 address range. You can either specify a CIDR block or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.

Description

string

A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*.

PrefixListIds

[object]

The prefix list IDs.

Description

string

A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*.

PrefixListId

string

The ID of the prefix.

ToPort

number

The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.

UserIdGroupPairs

[object]

The security group and Amazon Web Services account ID pairs.

Description

string

A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*.

GroupId

string

The ID of the security group.

GroupName

string

[Default VPC] The name of the security group. For a security group in a nondefault VPC, use the security group ID. For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.

PeeringStatus

string

The status of a VPC peering connection, if applicable.

UserId

string

The ID of an Amazon Web Services account. For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another Amazon Web Services account.

VpcId

string

The ID of the VPC for the referenced security group, if applicable.

VpcPeeringConnectionId

string

The ID of the VPC peering connection, if applicable.

Tags

[object]

Any tags assigned to the security group.

Key

string

The key of the tag. Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

Value

string

The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

VpcId

string

The ID of the VPC for the security group.

amzRequestId [required]

string