AuthorizeSecurityGroupIngress

The AuthorizeSecurityGroupIngress operation adds permissions to a security group.

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP).

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

The following table describes the request parameters for AuthorizeSecurityGroupIngress. Parameter names are case sensitive.

| Name | Description | Required |
|------|-------------|----------|
| userId | AWS Access Key ID. Type: xsd:string | Yes |
| groupName | Name of the group to modify. Type: xsd:string | Yes |
| ipPermissions | Set of permissions to add to the group. Type: ec2:IpPermissionType[] | Yes |

The following table describes the default response tags included in AuthorizeSecurityGroupIngress responses.

| Name | Description |
|------|-------------|
| return | true if permissions successfully added. Type: xsd:boolean |

<AuthorizeSecurityGroupIngress xmlns="http://ec2.amazonaws.com/doc/2007-08-29">
    <userId/>
    <groupName>WebServers</groupName>
    <ipPermissions>
        <item>
            <ipProtocol>tcp</ipProtocol>
            <fromPort>80</fromPort>
            <toPort>80</toPort>
            <groups/>
            <ipRanges>
                <item>
                    <cidrIp>0.0.0.0/0</cidrIp>
                </item>
            </ipRanges>
        </item>
    </ipPermissions>
</AuthorizeSecurityGroupIngress>
<AuthorizeSecurityGroupIngressResponse xmlns="http://ec2.amazonaws.com/doc/2007-08-29">
  <return>true</return>
</AuthorizeSecurityGroupIngressResponse>
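
The sample request above opens TCP port 80 to 0.0.0.0/0. As an added example (not part of the original EC2 documentation), the following Python check parses a request in this format and reports permissions that expose a port to every address outside an allow-list. The allow-list `PUBLIC_TCP_PORTS`, the function name, and the second rule in the sample (port 22) are assumptions constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = {"ec2": "http://ec2.amazonaws.com/doc/2007-08-29"}

# Constructed sample: the page's request plus one extra rule (TCP 22).
SAMPLE_REQUEST = """<AuthorizeSecurityGroupIngress xmlns="http://ec2.amazonaws.com/doc/2007-08-29">
  <userId/>
  <groupName>WebServers</groupName>
  <ipPermissions>
    <item>
      <ipProtocol>tcp</ipProtocol><fromPort>80</fromPort><toPort>80</toPort>
      <groups/>
      <ipRanges><item><cidrIp>0.0.0.0/0</cidrIp></item></ipRanges>
    </item>
    <item>
      <ipProtocol>tcp</ipProtocol><fromPort>22</fromPort><toPort>22</toPort>
      <groups/>
      <ipRanges><item><cidrIp>0.0.0.0/0</cidrIp></item><item><cidrIp>192.0.2.0/24</cidrIp></item></ipRanges>
    </item>
  </ipPermissions>
</AuthorizeSecurityGroupIngress>"""

# Hypothetical policy: TCP ports that may be reachable from any address.
PUBLIC_TCP_PORTS = {80, 443}


def world_open_findings(request_xml, allowed_ports=PUBLIC_TCP_PORTS):
    """Return (group, protocol, fromPort, toPort, cidr) for each world-open rule not covered by allowed_ports."""
    root = ET.fromstring(request_xml)
    group = root.findtext("ec2:groupName", default="", namespaces=NS)
    findings = []
    for perm in root.findall("ec2:ipPermissions/ec2:item", NS):
        proto = perm.findtext("ec2:ipProtocol", default="", namespaces=NS)
        lo = int(perm.findtext("ec2:fromPort", default="0", namespaces=NS))
        hi = int(perm.findtext("ec2:toPort", default="0", namespaces=NS))
        for cidr in perm.findall("ec2:ipRanges/ec2:item/ec2:cidrIp", NS):
            net = ipaddress.ip_network(cidr.text.strip(), strict=False)
            if net.prefixlen != 0:
                continue  # restricted source range, not world-open
            # ICMP rules carry types and codes rather than ports, so the
            # port allow-list is applied to tcp only; anything else is reported.
            ports_ok = proto == "tcp" and all(p in allowed_ports for p in range(lo, hi + 1))
            if not ports_ok:
                findings.append((group, proto, lo, hi, str(net)))
    return findings


if __name__ == "__main__":
    for finding in world_open_findings(SAMPLE_REQUEST):
        print("world-open rule:", finding)
```
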