There are more AWS SDK examples available in the AWS Doc SDK Examples
Use RevokeSecurityGroupEgress
with a CLI
The following code examples show how to use RevokeSecurityGroupEgress
.
- CLI
-
- AWS CLI
-
Example 1: To remove the rule that allows outbound traffic to a specific address range
The following
revoke-security-group-egress
example command removes the rule that grants access to the specified address ranges on TCP port 80.aws ec2 revoke-security-group-egress \ --group-id
sg-026c12253ce15eff7
\ --ip-permissions[{IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}]
This command produces no output.
For more information, see Security groups in the Amazon EC2 User Guide.
Example 2: To remove the rule that allows outbound traffic to a specific security group
The following
revoke-security-group-egress
example command removes the rule that grants access to the specified security group on TCP port 80.aws ec2 revoke-security-group-egress \ --group-id
sg-026c12253ce15eff7
\ --ip-permissions '[{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,"UserIdGroupPairs": [{"GroupId": "sg-06df23a01ff2df86d"}]}]
'This command produces no output.
For more information, see Security groups in the Amazon EC2 User Guide.
-
For API details, see RevokeSecurityGroupEgress
in AWS CLI Command Reference.
-
- PowerShell
-
- Tools for PowerShell
-
Example 1: This example removes the rule for the specified security group for EC2-VPC. This revokes access to the specified IP address range on TCP port 80. The syntax used by this example requires PowerShell version 3 or higher.
$ip = @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; IpRanges="203.0.113.0/24" } Revoke-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
Example 2: With PowerShell version 2, you must use New-Object to create the IpPermission object.
$ip = New-Object Amazon.EC2.Model.IpPermission $ip.IpProtocol = "tcp" $ip.FromPort = 80 $ip.ToPort = 80 $ip.IpRanges.Add("203.0.113.0/24") Revoke-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission $ip
Example 3: This example revokes access to the specified source security group on TCP port 80.
$ug = New-Object Amazon.EC2.Model.UserIdGroupPair $ug.GroupId = "sg-1a2b3c4d" $ug.UserId = "123456789012" Revoke-EC2SecurityGroupEgress -GroupId sg-12345678 -IpPermission @( @{ IpProtocol="tcp"; FromPort="80"; ToPort="80"; UserIdGroupPairs=$ug } )
-
For API details, see RevokeSecurityGroupEgress in AWS Tools for PowerShell Cmdlet Reference.
-