Skip to content

Revoke Db Security Group Ingress

rds_revoke_db_security_group_ingress R Documentation

Revokes ingress from a DBSecurityGroup for previously authorized IP ranges or EC2 or VPC security groups

Description

Revokes ingress from a DBSecurityGroup for previously authorized IP ranges or EC2 or VPC security groups. Required parameters for this API are one of CIDRIP, EC2SecurityGroupId for VPC, or (EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId).

EC2-Classic was retired on August 15, 2022. If you haven't migrated from EC2-Classic to a VPC, we recommend that you migrate as soon as possible. For more information, see Migrate from EC2-Classic to a VPC in the Amazon EC2 User Guide, the blog EC2-Classic Networking is Retiring – Here’s How to Prepare, and Moving a DB instance not in a VPC into a VPC in the Amazon RDS User Guide.

Usage

rds_revoke_db_security_group_ingress(DBSecurityGroupName, CIDRIP,
  EC2SecurityGroupName, EC2SecurityGroupId, EC2SecurityGroupOwnerId)

Arguments

DBSecurityGroupName

[required] The name of the DB security group to revoke ingress from.

CIDRIP

The IP range to revoke access from. Must be a valid CIDR range. If CIDRIP is specified, EC2SecurityGroupName, EC2SecurityGroupId and EC2SecurityGroupOwnerId can't be provided.

EC2SecurityGroupName

The name of the EC2 security group to revoke access from. For VPC DB security groups, EC2SecurityGroupId must be provided. Otherwise, EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId must be provided.

EC2SecurityGroupId

The id of the EC2 security group to revoke access from. For VPC DB security groups, EC2SecurityGroupId must be provided. Otherwise, EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId must be provided.

EC2SecurityGroupOwnerId

The Amazon Web Services account number of the owner of the EC2 security group specified in the EC2SecurityGroupName parameter. The Amazon Web Services access key ID isn't an acceptable value. For VPC DB security groups, EC2SecurityGroupId must be provided. Otherwise, EC2SecurityGroupOwnerId and either EC2SecurityGroupName or EC2SecurityGroupId must be provided.

Value

A list with the following syntax:

list(
  DBSecurityGroup = list(
    OwnerId = "string",
    DBSecurityGroupName = "string",
    DBSecurityGroupDescription = "string",
    VpcId = "string",
    EC2SecurityGroups = list(
      list(
        Status = "string",
        EC2SecurityGroupName = "string",
        EC2SecurityGroupId = "string",
        EC2SecurityGroupOwnerId = "string"
      )
    ),
    IPRanges = list(
      list(
        Status = "string",
        CIDRIP = "string"
      )
    ),
    DBSecurityGroupArn = "string"
  )
)

Request syntax

svc$revoke_db_security_group_ingress(
  DBSecurityGroupName = "string",
  CIDRIP = "string",
  EC2SecurityGroupName = "string",
  EC2SecurityGroupId = "string",
  EC2SecurityGroupOwnerId = "string"
)