RevokeClusterSecurityGroupIngress
Revokes an ingress rule in an Amazon Redshift security group for a previously authorized IP range or Amazon EC2 security group. To add an ingress rule, see AuthorizeClusterSecurityGroupIngress. For information about managing security groups, go to Amazon Redshift Cluster Security Groups in the Amazon Redshift Cluster Management Guide.
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
- ClusterSecurityGroupName
-
The name of the security Group from which to revoke the ingress rule.
Type: String
Length Constraints: Maximum length of 2147483647.
Required: Yes
- CIDRIP
-
The IP range for which to revoke access. This range must be a valid Classless Inter-Domain Routing (CIDR) block of IP addresses. If
CIDRIP
is specified,EC2SecurityGroupName
andEC2SecurityGroupOwnerId
cannot be provided.Type: String
Length Constraints: Maximum length of 2147483647.
Required: No
- EC2SecurityGroupName
-
The name of the EC2 Security Group whose access is to be revoked. If
EC2SecurityGroupName
is specified,EC2SecurityGroupOwnerId
must also be provided andCIDRIP
cannot be provided.Type: String
Length Constraints: Maximum length of 2147483647.
Required: No
- EC2SecurityGroupOwnerId
-
The AWS account number of the owner of the security group specified in the
EC2SecurityGroupName
parameter. The AWS access key ID is not an acceptable value. IfEC2SecurityGroupOwnerId
is specified,EC2SecurityGroupName
must also be provided. andCIDRIP
cannot be provided.Example:
111122223333
Type: String
Length Constraints: Maximum length of 2147483647.
Required: No
Response Elements
The following element is returned by the service.
- ClusterSecurityGroup
-
Describes a security group.
Type: ClusterSecurityGroup object
Errors
For information about the errors that are common to all actions, see Common Errors.
- AuthorizationNotFound
-
The specified CIDR IP range or EC2 security group is not authorized for the specified cluster security group.
HTTP Status Code: 404
- ClusterSecurityGroupNotFound
-
The cluster security group name does not refer to an existing cluster security group.
HTTP Status Code: 404
- InvalidClusterSecurityGroupState
-
The state of the cluster security group is not
available
.HTTP Status Code: 400
Examples
Example
This example illustrates one usage of RevokeClusterSecurityGroupIngress.
Sample Request
https://redshift.us-east-2.amazonaws.com/
?Action=RevokeClusterSecurityGroupIngress
&ClusterSecurityGroupName=securitygroup1
&CIDRIP=192.168.40.3/32
&Version=2012-12-01
&x-amz-algorithm=AWS4-HMAC-SHA256
&x-amz-credential=AKIAIOSFODNN7EXAMPLE/20130123/us-east-2/redshift/aws4_request
&x-amz-date=20130123T021606Z
&x-amz-signedheaders=content-type;host;x-amz-date
Sample Response
<RevokeClusterSecurityGroupIngressResponse xmlns="http://redshift.amazonaws.com/doc/2012-12-01/">
<RevokeClusterSecurityGroupIngressResult>
<ClusterSecurityGroup>
<EC2SecurityGroups/>
<IPRanges/>
<Description>my security group</Description>
<ClusterSecurityGroupName>securitygroup1</ClusterSecurityGroupName>
</ClusterSecurityGroup>
</RevokeClusterSecurityGroupIngressResult>
<ResponseMetadata>
<RequestId>d8eff363-6502-11e2-a8da-655adc216806</RequestId>
</ResponseMetadata>
</RevokeClusterSecurityGroupIngressResponse>
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: