Modifying rules for a given EC2 security group with Boto3
Solution 1
There is no API to modify a rule in SG. You have to revoke the rule first and then add the rule with the modified parameters using authorize. The link also has code snippets.
- authorize_egress()
- authorize_ingress()
- revoke_egress()
- revoke_ingress()
Solution 2
Seems like there is no way to modify a security group rule. You have to delete the old one:
security_group.revoke_ingress(IpProtocol="tcp", CidrIp="0.0.0.0/0", FromPort=3306, ToPort=3306)
and add the new one:
security_group.authorize_ingress(IpProtocol="tcp", CidrIp="0.0.0.0/0", FromPort=3306, ToPort=3306)
Hope it helps.
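The rule swap described in the answers above, as an added example that is not part of the original answers: it uses the same `authorize_ingress()` and `revoke_ingress()` resource methods, but authorizes the replacement before revoking the old rule and rolls back if the revoke fails, so the group is never left without either rule. The helper names, the CIDR `10.0.0.0/16` and the group id `sg-EXAMPLE` are constructed placeholders.

```python
def permission(cidr, port, protocol="tcp"):
    """Build one IpPermissions entry for a single port and IPv4 CIDR."""
    return {"IpProtocol": protocol, "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": cidr}]}


def _error_code(exc):
    # botocore's ClientError carries the AWS error code in exc.response.
    return getattr(exc, "response", {}).get("Error", {}).get("Code", "")


def replace_ingress_rule(security_group, old, new):
    """Swap rule `old` for `new` on a boto3 ec2.SecurityGroup resource.

    The new rule is authorized before the old one is revoked, so allowed
    clients do not lose access mid-change. If the revoke fails, the new
    rule is removed again so the group is left as it was found.
    """
    if old == new:
        return "unchanged"
    added = True
    try:
        security_group.authorize_ingress(IpPermissions=[new])
    except Exception as exc:
        if _error_code(exc) != "InvalidPermission.Duplicate":
            raise
        added = False  # rule already existed; leave it alone on rollback
    try:
        security_group.revoke_ingress(IpPermissions=[old])
    except Exception:
        if added:
            security_group.revoke_ingress(IpPermissions=[new])
        raise
    return "replaced"


if __name__ == "__main__":
    import boto3  # requires AWS credentials and a real group id

    sg = boto3.resource("ec2").SecurityGroup("sg-EXAMPLE")  # placeholder id
    # Constructed values: narrow MySQL from the whole internet to one subnet.
    print(replace_ingress_rule(sg, permission("0.0.0.0/0", 3306),
                               permission("10.0.0.0/16", 3306)))
```
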
Author by
User588233
Updated on June 20, 2022
Comments
-
User588233 almost 2 years
I have recently been working on programmatically adding and removing ingress rules to security groups on my EC2 server. However, I now seem to have hit a bit of a wall.
I would like to be able to modify existing rules through a Python script, but I haven't been able to find any guidance on the Boto3 docs.
Is there any way in which this can be done?
Thanks
-
User588233 over 8 years
Yes, I've seen that method before, but I wondered if there was a cleaner way of modifying each rule. Thanks for your help though!