AuthorizeSecurityGroupIngress
The AuthorizeSecurityGroupIngress operation
adds permissions to a security group.
Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP).
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
Request Parameters
The following table describes the request parameters for
AuthorizeSecurityGroupIngress. Parameter
names are case sensitive.
| Name | Description | Required |
|---|---|---|
|
|
AWS Access Key ID. Type: xsd:string |
Yes |
|
|
Name of the group to modify. Type: xsd:string |
Yes |
|
|
Set of permissions to add to the group. Type: IpPermissionType[] |
Yes |
Response Elements
The following table describes the default response tags included
in AuthorizeSecurityGroupIngress responses.
| Name | Description |
|---|---|
|
|
Type: xsd:boolean |
Sample Request
<AuthorizeSecurityGroupIngress xmlns="http://ec2.amazonaws.com/doc/2008-08-08">
<userId/>
<groupName>WebServers</groupName>
<ipPermissions>
<item>
<ipProtocol>tcp</ipProtocol>
<fromPort>80</fromPort>
<toPort>80</toPort>
<groups/>
<ipRanges>
<item>
<cidrIp>0.0.0.0/0</cidrIp>
</item>
</ipRanges>
</item>
</ipPermissions>
</AuthorizeSecurityGroupIngress>
Sample Response
<AuthorizeSecurityGroupIngressResponse xmlns="http://ec2.amazonaws.com/doc/2008-08-08"> <return>true</return> </AuthorizeSecurityGroupIngressResponse>