AuthorizeSecurityGroupIngress

Amazon EC2: API Version 2007-01-03

previous page next page

AuthorizeSecurityGroupIngress

The AuthorizeSecurityGroupIngress operation adds permissions to a security group.

Permissions are specified in terms of the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), source and destination port ranges (for TCP and UDP), and ICMP codes and types (for ICMP).

[Note] Note

Changes are anticipated in this API that may restrict further what is allowable. Please consult the section called “Anticipated API changes” for more details.

Permission changes are propagated to instances within the security group being modified as quickly as possible. However, a small delay is likely, depending on the number of instances that are members of the indicated group.

Request Parameters

The following table describes the request parameters for AuthorizeSecurityGroupIngress. Parameter names are case sensitive.

Element Name Definition Required? Type
userId AWS Access Key ID. Yes xsd:string
groupName Name of the group to modify. Yes xsd:string
ipPermissions Set of permissions to add to the group. Yes ec2:IpPermissionType[]

Response Tags

The following table describes the default response tags included in AuthorizeSecurityGroupIngress responses.

Element Name Definition Type
return true if permissions successfully added. xsd:boolean

Sample Request 

<AuthorizeSecurityGroupIngress xmlns="http://ec2.amazonaws.com/doc/2007-01-03">
    <userId/>
    <groupName>WebServers</groupName>
    <ipPermissions>
        <item>
            <ipProtocol>tcp</ipProtocol>
            <fromPort>80</fromPort>
            <toPort>80</toPort>
            <groups/>
            <ipRanges>
                <item>
                    <cidrIp>0.0.0.0/0</cidrIp>
                </item>
            </ipRanges>
        </item>
    </ipPermissions>
</AuthorizeSecurityGroupIngress>

Sample Response 

<AuthorizeSecurityGroupIngressResponse xmlns="http://ec2.amazonaws.com/doc/2007-01-03">
  <return>true</return>
</AuthorizeSecurityGroupIngressResponse>

Related Operations

previous page start next page