blindstack
Reputation: 281
how to use boto3 authorize_security_group_ingress to add a rule between two security groups in non default VPC
I am trying to use boto3 to update security group rules, to add a rule to security group a (sg_a) to allow security group b (sg_b) to access port 8443.
I am trying to use EC2 client to achieve this with the following
ec2.authorize_security_group_ingress(
GroupId=sg_a,
SourceSecurityGroupName=sg_b,
IpProtocol='tcp',
FromPort=service_port,
ToPort=service_port
)
but I got this error:
botocore.exceptions.ClientError: An error occurred (VPCIdNotSpecified) when calling the AuthorizeSecurityGroupIngress operation: No default VPC for this user.
How do I use authorize_security_group_igress for a non-default VPC?
Upvotes: 10
Views: 5333
Answers (1)
blindstack
Reputation: 281
the correct syntax is:
ec2.authorize_security_group_ingress(
GroupId=sg_a,
IpPermissions=[
{'IpProtocol': 'tcp',
'FromPort': from_port,
'ToPort': to_port,
'UserIdGroupPairs': [{ 'GroupId': sg_b }] }
],
)
Upvotes: 12
Related Questions
- How to handle errors with boto3?
- Boto3 Adding an Inbound Rule to a Security Group in a Non Default VPC
- How to use revoke_ingress method of boto3 to remove a particular security group from inbound rules
- Python boto3 - adding rule description under Security Group
- Cannot revoke_ingress for non-default VPC with boto3
- How to use boto3 to add Security Group rule between Security Groups of different accounts?
- boto3 update_security_group_rule_descriptions_ingress error
- How to create a RDS Cluster inside a VPC?
- aws ec2 revoke-security-group-egress is giving errors