I'm currently automating the build of an AWS VPC but wish to remove the default rules added to the security group created with the VPC. I can view security group rules like so:
    # Walk every security group and inspect the attributes of its ingress rules
    for vpc_security_group in vpc_connection.get_all_security_groups():
        for rule in vpc_security_group.rules:
            print(dir(rule))
I'd be grateful if anyone could tell me or give me an example of how to remove the default rules from the VPC.
From the API documentation I can see that there are a few methods such as:
boto.ec2.connection.revoke_security_group()
However I am not clear on what needs to be passed in as arguments if this is indeed the correct method.
Many thanks
H
To delete a security group
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/. In the navigation pane, choose Security Groups. Select a security group and choose Actions, Delete Security Group. Choose Yes, Delete.
You can add or remove inbound and outbound rules for any default security group. You can't delete a default security group.
I figured this out in the end:
    # Revoke each ingress grant (the source is either a group id or a CIDR block)
    for rule in vpc_security_group.rules:
        for grant in rule.grants:
            ec2_connection.revoke_security_group(group_id=vpc_security_group.id, ip_protocol=rule.ip_protocol, from_port=rule.from_port, to_port=rule.to_port, src_security_group_group_id=grant.group_id, cidr_ip=grant.cidr_ip)
    # Revoke each egress grant
    for rule in vpc_security_group.rules_egress:
        for grant in rule.grants:
            ec2_connection.revoke_security_group_egress(vpc_security_group.id, rule.ip_protocol, rule.from_port, rule.to_port, grant.group_id, grant.cidr_ip)
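The loops from the answer above, wrapped as an added example (not code from the original posts) that lists each revocation before applying it and records whether each revoke call returned a true value. The namedtuples, `RecordingConnection`, `revoke_all_rules` and the `sg-00000000` id are constructed stand-ins so it runs without AWS; with boto, pass the real connection and group object instead.

```python
from collections import namedtuple

# Constructed stand-ins with the attributes the answer's code reads from
# boto's security group, rule and grant objects.
Grant = namedtuple("Grant", "group_id cidr_ip")
Rule = namedtuple("Rule", "ip_protocol from_port to_port grants")
Group = namedtuple("Group", "id rules rules_egress")


class RecordingConnection(object):
    """Hypothetical offline stub exposing the two revoke calls used above."""
    def __init__(self):
        self.calls = []

    def revoke_security_group(self, **kwargs):
        self.calls.append(("ingress", kwargs))
        return True

    def revoke_security_group_egress(self, *args):
        self.calls.append(("egress", args))
        return True


def revoke_all_rules(conn, group, apply=False):
    """Return (direction, protocol, from, to, source, status) for each grant."""
    report = []
    for direction, rules in (("ingress", group.rules),
                             ("egress", group.rules_egress)):
        for rule in rules:
            for grant in rule.grants:
                status = "planned"  # nothing is sent unless apply=True
                if apply:
                    if direction == "ingress":
                        ok = conn.revoke_security_group(
                            group_id=group.id, ip_protocol=rule.ip_protocol,
                            from_port=rule.from_port, to_port=rule.to_port,
                            src_security_group_group_id=grant.group_id,
                            cidr_ip=grant.cidr_ip)
                    else:
                        ok = conn.revoke_security_group_egress(
                            group.id, rule.ip_protocol, rule.from_port,
                            rule.to_port, grant.group_id, grant.cidr_ip)
                    status = "revoked" if ok else "failed"
                report.append((direction, rule.ip_protocol, rule.from_port,
                               rule.to_port, grant.group_id or grant.cidr_ip,
                               status))
    return report


# Constructed sample: all traffic in from the group itself, all traffic out.
DEFAULT_GROUP = Group("sg-00000000",
                      [Rule("-1", None, None, [Grant("sg-00000000", None)])],
                      [Rule("-1", None, None, [Grant(None, "0.0.0.0/0")])])
```

Call it once with `apply=False` to review the list, then again with `apply=True`; any entry marked `failed` is a rule that is still in place.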