Modifying rules for a given EC2 security group with Boto3
10,584
Solution 1
There is no API to modify a rule in SG. You have to revoke the rule first and then add the rule with the modified parameters using authorize. The link also has code snippets.
- authorize_egress()
- authorize_ingress()
- revoke_egress()
- revoke_ingress()
Solution 2
Seems like there are no way to modify security group rule. You have to delete the old one:
security_group.revoke_ingress(IpProtocol="tcp", CidrIp="0.0.0.0/0", FromPort=3306, ToPort=3306)
and add the new one:
security_group.authorize_ingress(IpProtocol="tcp",CidrIp="0.0.0.0/0",FromPort=3306,ToPort=3306)
Hope it help.
Related videos on Youtube
12 : 32
Aws Automation Using Boto3 Python|Modify Security Group For AWS Ec2 Using Boto3 Python|Part:32
14 : 14
Aws Automation Using Boto3 Python|Create Inbound Rule For AWS Security Groups Using Boto3|Part:15
12 : 52
Aws Automation Using Boto3 Python|Remove Inbound Rule From Aws Security Group Using Boto3|Part:17
09 : 49
Aws Automation Using Boto3 Python|Remove AWS Outbound Rule From Security Group Using Boto3|Part:20
07 : 53
Aws Automation Using Boto3 Python|Create Outbound Rule For Aws Security Group Using Boto3|Part:18
13 : 58
BOTO3 (AWS Python SDK) -- Playing around with EC2, Security Groups, Inbound Rules
Author by
User588233
Updated on June 20, 2022Comments
-
User588233 almost 2 years
I have recently been working on programatically adding and removing ingress rules to security groups on my EC2 server. However, I now seem to have hit a bit of a wall.
I would like to be able to modify existing rules through a python script, but I haven't been able to find any guidance on the Boto3 docs.
Is there any way in which this can be done?
Thanks
-
User588233 over 8 yearsYes, I've seen that method before, but I wondered if there was a cleaner way of modifying each rule. Thanks for your help though!