Amazon Relational Database Service
Command Line Interface Reference (API Version 2012-04-23)

rds-authorize-db-security-group-ingress

Description

Authorizes network ingress for an Amazon EC2 security group or an IP address range.

Note

You cannot authorize ingress from an EC2 security group in one Region to an Amazon RDS DB Instance in another.

Syntax

rds-authorize-db-security-group-ingress DBSecurityGroupName

[-s (--ec2-security-group-id) value ]

[-g (--ec2-security-group-name) value ]

[-i (--cidr-ip) value ]

[-o (--ec2-security-group-owner-id) value ]

[General Options]

Options

Name | Description | Required

DBSecurityGroupName

--db-security-group-name value

The name of the Amazon RDS security group. This can also be passed as a named parameter using --db-security-group-name value.

Type: String

Default: None

Example: --db-security-group-name mydbsecuritygroup

Required: Yes

-s

--ec2-security-group-id value

Identifier of the EC2 Security Group to authorize.

Type: String

Default: None

Constraints: This parameter must be specified if the DB Security Group is for a VPC.

Example: -g myec2securitygroup

Required: No

-g

--ec2-security-group-name value

The name of the EC2 security group.

Type: String

Default: None

Constraints: This parameter must be specified if the ec2-security-group-owner parameter is specified. Must be an existing EC2 security group.

Example: -g myec2securitygroup

Important

Authorizing an EC2 security group only grants access to your DB instances from the EC2 instances belonging to the EC2 security group.

Required: No

-o

--ec2-security-group-owner-id value

The AWS account number of the owner of the EC2 security group.

Type: String

Default: None

Constraints: This parameter must be specified if the ec2-security-group-name parameter is specified.

Example: -o 123456789012

Required: No

-i

--cidr-ip value

The IP range to allow access.

Type: String

Constraints: Must be a valid Classless Inter-Domain Routing (CIDR) range, in the format ddd.ddd.ddd.ddd/dd. For more information, see CIDR Notation.

Default: None

Constraints: This parameter must not be specified if the ec2-security-group-name and ec2-security-group-owner parameters are specified.

Example: -i 192.168.100.100/32

Caution

To avoid inadvertently granting access to your DB Instances, be sure to understand how CIDR ranges work. For more information about CIDR ranges, go to the Wikipedia Tutorial.

Required: No

Output

The command returns a table with the following information:

  • Name—Security group name.

  • Description—Security group description.

  • EC2 Group Name—Name of the EC2 security group.

  • EC2 Group Id—Identifier of the EC2 security group.

  • EC2 Owner ID—Owner of the EC2 security group.

  • IP Range—CIDR range for the authorized Amazon RDS security group.

  • Status—Status of the authorization.

Examples

Authorizing Access to an EC2 Security Group

This example authorizes access to a named Amazon EC2 security group.

PROMPT> rds-authorize-db-security-group-ingress Default --ec2-security-group-name mainServerGrp --ec2-security-group-owner-id 123445677890

Authorizing Access to a CIDR range

This example authorizes access to a CIDR range.

PROMPT> rds-authorize-db-security-group-ingress Default --cidr-ip 192.168.100.100/32
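
The caution on --cidr-ip is easier to act on with a pre-flight check that shows how many addresses a range covers before it is authorized. The shell functions below are an added example, not part of the Amazon RDS command line tools or of this reference; the function names, the return codes and the default minimum prefix of /24 are assumptions of the example.

```shell
#!/bin/sh
# Added example (not AWS code): inspect a CIDR range before using it with --cidr-ip.

# cidr_info CIDR -> prints "<network>/<prefix> <address count>"; status 1 if malformed.
cidr_info() (
  case $1 in
    ""|*[!0-9./]*|*/*/*|.*|*..*|*./*) exit 1 ;;  # stray characters, extra slash or dot
    */*) ;;
    *) exit 1 ;;                                  # no prefix length given
  esac
  ip=${1%/*}; prefix=${1#*/}
  case $prefix in ""|*[!0-9]*|0?*|???*) exit 1 ;; esac
  [ "$prefix" -le 32 ] || exit 1
  IFS=.; set -- $ip                               # split the address into octets
  [ "$#" -eq 4 ] || exit 1
  addr=0
  for o in "$@"; do
    case $o in 0?*|????*) exit 1 ;; esac          # leading zeros are ambiguous (octal)
    [ "$o" -le 255 ] || exit 1
    addr=$(( addr * 256 + o ))
  done
  count=$(( 1 << (32 - prefix) ))                 # addresses covered by the prefix
  net=$(( addr - addr % count ))                  # clear the host bits
  echo "$(( net >> 24 )).$(( (net >> 16) & 255 )).$(( (net >> 8) & 255 )).$(( net & 255 ))/$prefix $count"
)

# check_ingress_cidr CIDR [MIN_PREFIX]   (MIN_PREFIX default 24 is an assumed policy)
# Status: 0 ok, 1 malformed, 2 broader than MIN_PREFIX, 3 host bits set.
check_ingress_cidr() (
  min=${2:-24}
  info=$(cidr_info "$1") || { echo "malformed: $1" >&2; exit 1; }
  net=${info% *}; count=${info#* }
  if [ "${net#*/}" -lt "$min" ]; then
    echo "too broad: $1 covers $count addresses" >&2; exit 2
  fi
  if [ "$net" != "$1" ]; then
    echo "host bits set: $1 denotes $net ($count addresses)" >&2; exit 3
  fi
  echo "ok: $1 covers $count address(es)"
)

# Constructed sample inputs; only a range that passes would be handed to --cidr-ip.
for c in 192.168.100.100/32 192.168.100.100/24 0.0.0.0/0; do
  check_ingress_cidr "$c" || true
done
```

The second sample shows the common slip the caution is about: the same address written with /24 instead of /32 covers 256 addresses rather than one.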