Use UpdateSecurityGroupRuleDescriptionsIngress with a CLI - AWS SDK Code Examples

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

Use UpdateSecurityGroupRuleDescriptionsIngress with a CLI

The following code examples show how to use UpdateSecurityGroupRuleDescriptionsIngress.

CLI
AWS CLI

Example 1: To update the description of an inbound security group rule with a CIDR source

The following update-security-group-rule-descriptions-ingress example updates the description for the security group rule for the specified port and IPv4 address range. The description 'SSH access from ABC office' replaces any existing description for the rule.

aws ec2 update-security-group-rule-descriptions-ingress \ --group-id sg-02f0d35a850ba727f \ --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,IpRanges='[{CidrIp=203.0.113.0/16,Description="SSH access from corpnet"}]'

Output:

{ "Return": true }

For more information, see Security group rules in the Amazon EC2 User Guide.

Example 2: To update the description of an inbound security group rule with a prefix list source

The following update-security-group-rule-descriptions-ingress example updates the description for the security group rule for the specified port and prefix list. The description 'SSH access from ABC office' replaces any existing description for the rule.

aws ec2 update-security-group-rule-descriptions-ingress \ --group-id sg-02f0d35a850ba727f \ --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,PrefixListIds='[{PrefixListId=pl-12345678,Description="SSH access from corpnet"}]'

Output:

{ "Return": true }

For more information, see Security group rules in the Amazon EC2 User Guide.

PowerShell
Tools for PowerShell

Example 1: Updates the description of an existing ingress (inbound) security group rule.

$existingInboundRule = Get-EC2SecurityGroupRule -SecurityGroupRuleId "sgr-1234567890" $ruleWithUpdatedDescription = [Amazon.EC2.Model.SecurityGroupRuleDescription]@{ "SecurityGroupRuleId" = $existingInboundRule.SecurityGroupRuleId "Description" = "Updated rule description" } Update-EC2SecurityGroupRuleIngressDescription -GroupId $existingInboundRule.GroupId -SecurityGroupRuleDescription $ruleWithUpdatedDescription

Example 2: Removes the description of an existing ingress (inbound) security group rule (by omitting the parameter in the request).

$existingInboundRule = Get-EC2SecurityGroupRule -SecurityGroupRuleId "sgr-1234567890" $ruleWithoutDescription = [Amazon.EC2.Model.SecurityGroupRuleDescription]@{ "SecurityGroupRuleId" = $existingInboundRule.SecurityGroupRuleId } Update-EC2SecurityGroupRuleIngressDescription -GroupId $existingInboundRule.GroupId -SecurityGroupRuleDescription $ruleWithoutDescription