Class: Aws::EC2::SecurityGroup

Inherits:
Object
  • Object
show all
Defined in:
gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb

Defined Under Namespace

Classes: Collection

Read-Only Attributes collapse

Actions collapse

Instance Method Summary collapse

Constructor Details

#initialize(id, options = {}) ⇒ SecurityGroup #initialize(options = {}) ⇒ SecurityGroup

Returns a new instance of SecurityGroup.

Overloads:

  • #initialize(id, options = {}) ⇒ SecurityGroup

    Parameters:

    • id (String)

    Options Hash (options):

  • #initialize(options = {}) ⇒ SecurityGroup

    Options Hash (options):

    • :id (required, String)
    • :client (Client)
[View source]

22
23
24
25
26
27
28
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 22

def initialize(*args)
  options = Hash === args.last ? args.pop.dup : {}
  @id = extract_id(args, options)
  @data = options.delete(:data)
  @client = options.delete(:client) || Client.new(options)
  @waiter_block_warned = false
end

Instance Method Details

#authorize_egress(options = {}) ⇒ Types::AuthorizeSecurityGroupEgressResult

Examples:

Request syntax with placeholder values


security_group.authorize_egress({
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, declarative-policies-report, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint, verified-access-endpoint-target, ipam-external-resource-verification-token
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  dry_run: false,
  source_security_group_name: "String",
  source_security_group_owner_id: "String",
  ip_protocol: "String",
  from_port: 1,
  to_port: 1,
  cidr_ip: "String",
  ip_permissions: [
    {
      ip_protocol: "String",
      from_port: 1,
      to_port: 1,
      user_id_group_pairs: [
        {
          description: "String",
          user_id: "String",
          group_name: "String",
          group_id: "String",
          vpc_id: "String",
          vpc_peering_connection_id: "String",
          peering_status: "String",
        },
      ],
      ip_ranges: [
        {
          description: "String",
          cidr_ip: "String",
        },
      ],
      ipv_6_ranges: [
        {
          description: "String",
          cidr_ipv_6: "String",
        },
      ],
      prefix_list_ids: [
        {
          description: "String",
          prefix_list_id: "String",
        },
      ],
    },
  ],
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :tag_specifications (Array<Types::TagSpecification>)

    The tags applied to the security group rule.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • :source_security_group_name (String)

    Not supported. Use IP permissions instead.

  • :source_security_group_owner_id (String)

    Not supported. Use IP permissions instead.

  • :ip_protocol (String)

    Not supported. Use IP permissions instead.

  • :from_port (Integer)

    Not supported. Use IP permissions instead.

  • :to_port (Integer)

    Not supported. Use IP permissions instead.

  • :cidr_ip (String)

    Not supported. Use IP permissions instead.

  • :ip_permissions (Array<Types::IpPermission>)

    The permissions for the security group rules.

Returns:

[View source]

305
306
307
308
309
310
311
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 305

def authorize_egress(options = {})
  options = options.merge(group_id: @id)
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.authorize_security_group_egress(options)
  end
  resp.data
end

#authorize_ingress(options = {}) ⇒ Types::AuthorizeSecurityGroupIngressResult

Examples:

Request syntax with placeholder values


security_group.authorize_ingress({
  cidr_ip: "String",
  from_port: 1,
  group_name: "SecurityGroupName",
  ip_permissions: [
    {
      ip_protocol: "String",
      from_port: 1,
      to_port: 1,
      user_id_group_pairs: [
        {
          description: "String",
          user_id: "String",
          group_name: "String",
          group_id: "String",
          vpc_id: "String",
          vpc_peering_connection_id: "String",
          peering_status: "String",
        },
      ],
      ip_ranges: [
        {
          description: "String",
          cidr_ip: "String",
        },
      ],
      ipv_6_ranges: [
        {
          description: "String",
          cidr_ipv_6: "String",
        },
      ],
      prefix_list_ids: [
        {
          description: "String",
          prefix_list_id: "String",
        },
      ],
    },
  ],
  ip_protocol: "String",
  source_security_group_name: "String",
  source_security_group_owner_id: "String",
  to_port: 1,
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, declarative-policies-report, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint, verified-access-endpoint-target, ipam-external-resource-verification-token
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  dry_run: false,
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :cidr_ip (String)

    The IPv4 address range, in CIDR format.

    Amazon Web Services canonicalizes IPv4 and IPv6 CIDRs. For example, if you specify 100.68.0.18/18 for the CIDR block, Amazon Web Services canonicalizes the CIDR block to 100.68.0.0/18. Any subsequent DescribeSecurityGroups and DescribeSecurityGroupRules calls will return the canonicalized form of the CIDR block. Additionally, if you attempt to add another rule with the non-canonical form of the CIDR (such as 100.68.0.18/18) and there is already a rule for the canonicalized form of the CIDR block (such as 100.68.0.0/18), the API throws an duplicate rule error.

    To specify an IPv6 address range, use IP permissions instead.

    To specify multiple rules and descriptions for the rules, use IP permissions instead.

  • :from_port (Integer)

    If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP, this is the ICMP type or -1 (all ICMP types).

    To specify multiple rules and descriptions for the rules, use IP permissions instead.

  • :group_name (String)

    [Default VPC] The name of the security group. For security groups for a default VPC you can specify either the ID or the name of the security group. For security groups for a nondefault VPC, you must specify the ID of the security group.

  • :ip_permissions (Array<Types::IpPermission>)

    The permissions for the security group rules.

  • :ip_protocol (String)

    The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers). To specify all protocols, use -1.

    To specify icmpv6, use IP permissions instead.

    If you specify a protocol other than one of the supported values, traffic is allowed on all ports, regardless of any ports that you specify.

    To specify multiple rules and descriptions for the rules, use IP permissions instead.

  • :source_security_group_name (String)

    [Default VPC] The name of the source security group.

    The rule grants full ICMP, UDP, and TCP access. To create a rule with a specific protocol and port range, specify a set of IP permissions instead.

  • :source_security_group_owner_id (String)

    The Amazon Web Services account ID for the source security group, if the source security group is in a different account.

    The rule grants full ICMP, UDP, and TCP access. To create a rule with a specific protocol and port range, use IP permissions instead.

  • :to_port (Integer)

    If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).

    To specify multiple rules and descriptions for the rules, use IP permissions instead.

  • :tag_specifications (Array<Types::TagSpecification>)

    The tags applied to the security group rule.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Returns:

[View source]

453
454
455
456
457
458
459
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 453

def authorize_ingress(options = {})
  options = options.merge(group_id: @id)
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.authorize_security_group_ingress(options)
  end
  resp.data
end

#clientClient

Returns:

[View source]

89
90
91
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 89

def client
  @client
end

#create_tags(options = {}) ⇒ Tag::Collection

Examples:

Request syntax with placeholder values


tag = security_group.create_tags({
  dry_run: false,
  tags: [ # required
    {
      key: "String",
      value: "String",
    },
  ],
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • :tags (required, Array<Types::Tag>)

    The tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.

Returns:

[View source]

483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 483

def create_tags(options = {})
  batch = []
  options = Aws::Util.deep_merge(options, resources: [@id])
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.create_tags(options)
  end
  options[:tags].each do |t|
    batch << Tag.new(
      resource_id: @id,
      key: t[:key],
      value: t[:value],
      client: @client
    )
  end
  Tag::Collection.new([batch], size: batch.size)
end

#dataTypes::SecurityGroup

Returns the data for this Aws::EC2::SecurityGroup. Calls Client#describe_security_groups if #data_loaded? is false.

Returns:

[View source]

111
112
113
114
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 111

def data
  load unless @data
  @data
end

#data_loaded?Boolean

Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

Returns:

  • (Boolean)

    Returns true if this resource is loaded. Accessing attributes or #data on an unloaded resource will trigger a call to #load.

[View source]

119
120
121
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 119

def data_loaded?
  !!@data
end

#delete(options = {}) ⇒ Types::DeleteSecurityGroupResult

Examples:

Request syntax with placeholder values


security_group.delete({
  group_name: "SecurityGroupName",
  dry_run: false,
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :group_name (String)

    [Default VPC] The name of the security group. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, you must specify the security group ID.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Returns:

[View source]

564
565
566
567
568
569
570
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 564

def delete(options = {})
  options = options.merge(group_id: @id)
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.delete_security_group(options)
  end
  resp.data
end

#delete_tags(options = {}) ⇒ Tag::Collection

Examples:

Request syntax with placeholder values


tag = security_group.delete_tags({
  dry_run: false,
  tags: [
    {
      key: "String",
      value: "String",
    },
  ],
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • :tags (Array<Types::Tag>)

    The tags to delete. Specify a tag key and an optional tag value to delete specific tags. If you specify a tag key without a tag value, we delete any tag with this key regardless of its value. If you specify a tag key with an empty string as the tag value, we delete the tag only if its value is an empty string.

    If you omit this parameter, we delete all user-defined tags for the specified resources. We do not delete Amazon Web Services-generated tags (tags that have the aws: prefix).

    Constraints: Up to 1000 tags.

Returns:

[View source]

530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 530

def delete_tags(options = {})
  batch = []
  options = Aws::Util.deep_merge(options, resources: [@id])
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.delete_tags(options)
  end
  options[:tags].each do |t|
    batch << Tag.new(
      resource_id: @id,
      key: t[:key],
      value: t[:value],
      client: @client
    )
  end
  Tag::Collection.new([batch], size: batch.size)
end

#descriptionString

A description of the security group.

Returns:

  • (String)
[View source]

76
77
78
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 76

def description
  data[:description]
end

#group_nameString

The name of the security group.

Returns:

  • (String)
[View source]

70
71
72
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 70

def group_name
  data[:group_name]
end

#idString Also known as: group_id

Returns:

  • (String)
[View source]

33
34
35
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 33

def id
  @id
end

#ip_permissionsArray<Types::IpPermission>

The inbound rules associated with the security group.

Returns:

[View source]

82
83
84
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 82

def ip_permissions
  data[:ip_permissions]
end

#ip_permissions_egressArray<Types::IpPermission>

The outbound rules associated with the security group.

Returns:

[View source]

40
41
42
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 40

def ip_permissions_egress
  data[:ip_permissions_egress]
end

#loadself Also known as: reload

Loads, or reloads #data for the current Aws::EC2::SecurityGroup. Returns self making it possible to chain methods.

security_group.reload.data

Returns:

  • (self)
[View source]

99
100
101
102
103
104
105
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 99

def load
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.describe_security_groups(group_ids: [@id])
  end
  @data = resp.security_groups[0]
  self
end

#owner_idString

The Amazon Web Services account ID of the owner of the security group.

Returns:

  • (String)
[View source]

64
65
66
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 64

def owner_id
  data[:owner_id]
end

#revoke_egress(options = {}) ⇒ Types::RevokeSecurityGroupEgressResult

Examples:

Request syntax with placeholder values


security_group.revoke_egress({
  security_group_rule_ids: ["String"],
  dry_run: false,
  source_security_group_name: "String",
  source_security_group_owner_id: "String",
  ip_protocol: "String",
  from_port: 1,
  to_port: 1,
  cidr_ip: "String",
  ip_permissions: [
    {
      ip_protocol: "String",
      from_port: 1,
      to_port: 1,
      user_id_group_pairs: [
        {
          description: "String",
          user_id: "String",
          group_name: "String",
          group_id: "String",
          vpc_id: "String",
          vpc_peering_connection_id: "String",
          peering_status: "String",
        },
      ],
      ip_ranges: [
        {
          description: "String",
          cidr_ip: "String",
        },
      ],
      ipv_6_ranges: [
        {
          description: "String",
          cidr_ipv_6: "String",
        },
      ],
      prefix_list_ids: [
        {
          description: "String",
          prefix_list_id: "String",
        },
      ],
    },
  ],
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :security_group_rule_ids (Array<String>)

    The IDs of the security group rules.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • :source_security_group_name (String)

    Not supported. Use a set of IP permissions to specify a destination security group.

  • :source_security_group_owner_id (String)

    Not supported. Use a set of IP permissions to specify a destination security group.

  • :ip_protocol (String)

    Not supported. Use a set of IP permissions to specify the protocol name or number.

  • :from_port (Integer)

    Not supported. Use a set of IP permissions to specify the port.

  • :to_port (Integer)

    Not supported. Use a set of IP permissions to specify the port.

  • :cidr_ip (String)

    Not supported. Use a set of IP permissions to specify the CIDR.

  • :ip_permissions (Array<Types::IpPermission>)

    The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.

Returns:

[View source]

647
648
649
650
651
652
653
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 647

def revoke_egress(options = {})
  options = options.merge(group_id: @id)
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.revoke_security_group_egress(options)
  end
  resp.data
end

#revoke_ingress(options = {}) ⇒ Types::RevokeSecurityGroupIngressResult

Examples:

Request syntax with placeholder values


security_group.revoke_ingress({
  cidr_ip: "String",
  from_port: 1,
  group_name: "SecurityGroupName",
  ip_permissions: [
    {
      ip_protocol: "String",
      from_port: 1,
      to_port: 1,
      user_id_group_pairs: [
        {
          description: "String",
          user_id: "String",
          group_name: "String",
          group_id: "String",
          vpc_id: "String",
          vpc_peering_connection_id: "String",
          peering_status: "String",
        },
      ],
      ip_ranges: [
        {
          description: "String",
          cidr_ip: "String",
        },
      ],
      ipv_6_ranges: [
        {
          description: "String",
          cidr_ipv_6: "String",
        },
      ],
      prefix_list_ids: [
        {
          description: "String",
          prefix_list_id: "String",
        },
      ],
    },
  ],
  ip_protocol: "String",
  source_security_group_name: "String",
  source_security_group_owner_id: "String",
  to_port: 1,
  security_group_rule_ids: ["String"],
  dry_run: false,
})

Parameters:

  • options (Hash) (defaults to: {})

    ({})

Options Hash (options):

  • :cidr_ip (String)

    The CIDR IP address range. You can't specify this parameter when specifying a source security group.

  • :from_port (Integer)

    If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP, this is the ICMP type or -1 (all ICMP types).

  • :group_name (String)

    [Default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.

  • :ip_permissions (Array<Types::IpPermission>)

    The sets of IP permissions. You can't specify a source security group and a CIDR IP address range in the same set of permissions.

  • :ip_protocol (String)

    The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers). Use -1 to specify all.

  • :source_security_group_name (String)

    [Default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. The source security group must be in the same VPC. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.

  • :source_security_group_owner_id (String)

    Not supported.

  • :to_port (Integer)

    If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP, this is the ICMP code or -1 (all ICMP codes).

  • :security_group_rule_ids (Array<String>)

    The IDs of the security group rules.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Returns:

[View source]

746
747
748
749
750
751
752
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 746

def revoke_ingress(options = {})
  options = options.merge(group_id: @id)
  resp = Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    @client.revoke_security_group_ingress(options)
  end
  resp.data
end

#security_group_arnString

The ARN of the security group.

Returns:

  • (String)
[View source]

58
59
60
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 58

def security_group_arn
  data[:security_group_arn]
end

#tagsArray<Types::Tag>

Any tags assigned to the security group.

Returns:

[View source]

46
47
48
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 46

def tags
  data[:tags]
end

#vpc_idString

The ID of the VPC for the security group.

Returns:

  • (String)
[View source]

52
53
54
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 52

def vpc_id
  data[:vpc_id]
end

#wait_until(options = {}) {|resource| ... } ⇒ Resource

Deprecated.

Use [Aws::EC2::Client] #wait_until instead

Note:

The waiting operation is performed on a copy. The original resource remains unchanged.

Waiter polls an API operation until a resource enters a desired state.

Basic Usage

Waiter will polls until it is successful, it fails by entering a terminal state, or until a maximum number of attempts are made.

# polls in a loop until condition is true
resource.wait_until(options) {|resource| condition}

Example

instance.wait_until(max_attempts:10, delay:5) do |instance|
  instance.state.name == 'running'
end

Configuration

You can configure the maximum number of polling attempts, and the delay (in seconds) between each polling attempt. The waiting condition is set by passing a block to #wait_until:

# poll for ~25 seconds
resource.wait_until(max_attempts:5,delay:5) {|resource|...}

Callbacks

You can be notified before each polling attempt and before each delay. If you throw :success or :failure from these callbacks, it will terminate the waiter.

started_at = Time.now
# poll for 1 hour, instead of a number of attempts
proc = Proc.new do |attempts, response|
  throw :failure if Time.now - started_at > 3600
end

  # disable max attempts
instance.wait_until(before_wait:proc, max_attempts:nil) {...}

Handling Errors

When a waiter is successful, it returns the Resource. When a waiter fails, it raises an error.

begin
  resource.wait_until(...)
rescue Aws::Waiters::Errors::WaiterFailed
  # resource did not enter the desired state in time
end

attempts attempt in seconds invoked before each attempt invoked before each wait

Parameters:

  • options (Hash) (defaults to: {})

    a customizable set of options

Options Hash (options):

  • :max_attempts (Integer) — default: 10

    Maximum number of

  • :delay (Integer) — default: 10

    Delay between each

  • :before_attempt (Proc) — default: nil

    Callback

  • :before_wait (Proc) — default: nil

    Callback

Yield Parameters:

  • resource (Resource)

    to be used in the waiting condition.

Returns:

  • (Resource)

    if the waiter was successful

Raises:

  • (Aws::Waiters::Errors::FailureStateError)

    Raised when the waiter terminates because the waiter has entered a state that it will not transition out of, preventing success.

    yet successful.

  • (Aws::Waiters::Errors::UnexpectedError)

    Raised when an error is encountered while polling for a resource that is not expected.

  • (NotImplementedError)

    Raised when the resource does not

[View source]

203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
 
# File 'gems/aws-sdk-ec2/lib/aws-sdk-ec2/security_group.rb', line 203

def wait_until(options = {}, &block)
  self_copy = self.dup
  attempts = 0
  options[:max_attempts] = 10 unless options.key?(:max_attempts)
  options[:delay] ||= 10
  options[:poller] = Proc.new do
    attempts += 1
    if block.call(self_copy)
      [:success, self_copy]
    else
      self_copy.reload unless attempts == options[:max_attempts]
      :retry
    end
  end
  Aws::Plugins::UserAgent.metric('RESOURCE_MODEL') do
    Aws::Waiters::Waiter.new(options).wait({})
  end
end