Reputation: 313
I want to delete a particular security group, sg-yy, from the inbound rules of another security group, sg-ZZ, using the boto3 revoke_ingress method.
source: sg-ZZ target: sg-yy
I tried:
    response = security_group_source.revoke_ingress(
        FromPort=FromPort,
        GroupName=groupName_source,
        IpPermissions=[
            {
                'ToPort': ToPort,
                'UserIdGroupPairs': [
                    {
                        'Description': description_target,
                        'GroupId': group_id_target,
                        'GroupName': groupName_target,
                        'VpcId': VpcId_target,
                    },
                ]
            },
        ],
        SourceSecurityGroupName=groupName_source,
        SourceSecurityGroupOwnerId=owner_id_source,
        ToPort=ToPort,
        DryRun=True
    )
    print(response)
But I am getting an error: An error occurred (InvalidGroup.NotFound) when calling the RevokeSecurityGroupIngress operation: The security group 'sg_group_name' does not exist in default VPC 'vpc-1111'
I cannot use:

    security_group.revoke_ingress(
        IpPermissions=IpPermissions,
    )

as I need to delete a specific security group.
Can someone please help me here?
Upvotes: 1
Views: 2826
Reputation: 313
This could be resolved by using the correct parameters. It is not clearly specified in the Boto3 documentation what parameters to use for non-default VPCs, but solving through the errors worked for me. Working code for a non-default VPC:
    response = security_group_source.revoke_ingress(
        GroupId=group_id_source,
        IpPermissions=[
            {
                'FromPort': FromPort,
                'IpProtocol': IpProtocol,
                'ToPort': ToPort,
                'UserIdGroupPairs': [
                    {
                        'GroupId': group_id_target,
                        'VpcId': VpcId_target,
                    },
                ]
            },
        ],
        DryRun=False
    )
Upvotes: 1
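An added example, not part of the original question or answer: it reads the existing inbound rules and revokes only the entries that reference one security group, addressing the group by GroupId as the answer does, so CIDR rules and other group references in the same permission entry stay in place. The function names and the sample data are assumptions made for illustration; `ec2_client` is expected to be a `boto3.client("ec2")`.

```python
# Constructed sample of the IpPermissions list that describe_security_groups
# returns for sg-ZZ (group IDs and the account number are placeholders).
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
     "UserIdGroupPairs": [
         {"GroupId": "sg-yy", "UserId": "111111111111", "Description": "app"},
         {"GroupId": "sg-keep", "UserId": "111111111111"}]},
    {"IpProtocol": "-1", "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-yy", "UserId": "111111111111"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "UserIdGroupPairs": []},
]


def permissions_referencing(ip_permissions, referenced_group_id):
    """Build the minimal IpPermissions that revoke only rules citing the group."""
    to_revoke = []
    for perm in ip_permissions:
        pairs = [p for p in perm.get("UserIdGroupPairs", [])
                 if p.get("GroupId") == referenced_group_id]
        if not pairs:
            continue
        entry = {"IpProtocol": perm["IpProtocol"]}
        # FromPort/ToPort are absent when IpProtocol is "-1" (all traffic).
        for key in ("FromPort", "ToPort"):
            if key in perm:
                entry[key] = perm[key]
        # Keep only identifying fields; CIDR ranges and other groups are left out
        # so they are not revoked along with the group reference.
        entry["UserIdGroupPairs"] = [
            {k: p[k] for k in ("GroupId", "UserId") if k in p} for p in pairs]
        to_revoke.append(entry)
    return to_revoke


def revoke_group_reference(ec2_client, group_id, referenced_group_id, dry_run=False):
    """Revoke every inbound rule of group_id that references referenced_group_id."""
    groups = ec2_client.describe_security_groups(GroupIds=[group_id])["SecurityGroups"]
    perms = permissions_referencing(groups[0]["IpPermissions"], referenced_group_id)
    if perms:  # with DryRun=True boto3 raises ClientError (DryRunOperation) on success
        ec2_client.revoke_security_group_ingress(
            GroupId=group_id, IpPermissions=perms, DryRun=dry_run)
    return perms


if __name__ == "__main__":
    for entry in permissions_referencing(SAMPLE_PERMISSIONS, "sg-yy"):
        print(entry)
```

Re-running `describe_security_groups` afterwards and checking that no entry still lists the revoked group ID confirms the cleanup.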