The methods in this section allow you to query and manipulate security groups (firewall rules). See
VM::EC2::SecurityGroup for functionality that is available through these objects.
Implemented:
AuthorizeSecurityGroupEgress (EC2-VPC only)
AuthorizeSecurityGroupIngress
CreateSecurityGroup
DeleteSecurityGroup
DescribeSecurityGroups
RevokeSecurityGroupEgress (EC2-VPC only)
RevokeSecurityGroupIngress
Unimplemented:
(none)
@sg = $ec2->describe_security_groups(@group_ids)
@sg = $ec2->describe_security_groups(%args);
@sg = $ec2->describe_security_groups(\%filters);
Searches for security groups (firewall rules) matching the provided filters and returns a series of
VM::EC2::SecurityGroup objects.
In the named-argument form you can provide the following optional arguments:
    -group_name      A single group name or an arrayref containing a list
                     of names
    -name            Shorter version of -group_name
    -group_id        A single group id (e.g. 'sg-12345') or an arrayref
                     containing a list of ids
    -filter          Filter on tags and other attributes.
The -filter argument name can be omitted if there are no other arguments you wish to pass.
The full list of security group filters can be found at:
http://docs.amazonwebservices.com/AWSEC2/latest/APIReference/ApiReference-query-DescribeSecurityGroups.html

$group = $ec2->create_security_group(-group_name=>$name, -group_description=>$description, -vpc_id=>$vpc_id)
Create a security group. Arguments are:
    -group_name          Name of the security group (required)
    -group_description   Description of the security group (required)
    -vpc_id              Virtual private cloud security group ID
                         (required for VPC security groups)
For convenience, you may use -name and -description as aliases for -group_name and -group_description
respectively.
If successful, the method returns an object of type VM::EC2::SecurityGroup.

$boolean = $ec2->delete_security_group($group_id)
$boolean = $ec2->delete_security_group(-group_id=>$group_id, -group_name=>$name);
Delete a security group. Arguments are:
-group_name Name of the security group
-group_id ID of the security group
Either -group_name or -group_id is required. In the single-argument form, the method deletes the security
group given by its id.
If successful, the method returns true.

$boolean=$ec2->update_security_group($security_group)
Add one or more incoming firewall rules to a security group. The rules to add are stored in a
VM::EC2::SecurityGroup which is created either by describe_security_groups() or create_security_group().
This method combines the actions AuthorizeSecurityGroupIngress, AuthorizeSecurityGroupEgress,
RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress.
For details, see VM::EC2::SecurityGroup. Here is a brief summary:
    $sg = $ec2->create_security_group(-name=>'MyGroup',-description=>'Example group');

    # TCP on port 80 for the indicated address ranges
    $sg->authorize_incoming(-protocol  => 'tcp',
                            -port      => 80,
                            -source_ip => ['192.168.2.0/24','192.168.2.1/24']);

    # TCP on ports 22 and 23 from anyone
    $sg->authorize_incoming(-protocol  => 'tcp',
                            -port      => '22..23',
                            -source_ip => '0.0.0.0/0');

    # ICMP on echo (ping) port from anyone
    $sg->authorize_incoming(-protocol  => 'icmp',
                            -port      => -1,
                            -source_ip => '0.0.0.0/0');

    # TCP to port 25 (mail) from instances belonging to
    # the "Mail relay" group belonging to user 12345678.
    $sg->authorize_incoming(-protocol  => 'tcp',
                            -port      => 25,
                            -group     => '12345678/Mail relay');

    $result = $ec2->update_security_group($sg);

or more simply:

    $result = $sg->update();
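
An added example, not code from VM::EC2 or its author: an audit that lists inbound rules open to 0.0.0.0/0 (such as the 22..23 rule above) and, with --fix, stages a revoke plus a narrower authorize before committing with update(). The ipPermissions, ipRanges, ipProtocol, fromPort, toPort, groups and revoke_incoming calls are assumed from the VM::EC2::SecurityGroup interface rather than taken from this page; the --fix switch and the 203.0.113.0/24 admin range are placeholders.

```perl
#!/usr/bin/perl
# Added example, not part of the VM::EC2 distribution.
use strict;
use warnings;
use VM::EC2;

# Assumptions: credentials are read from EC2_ACCESS_KEY / EC2_SECRET_KEY,
# and $ADMIN_CIDR is a placeholder documentation range to replace.
my $ADMIN_CIDR = '203.0.113.0/24';
my $fix        = @ARGV && $ARGV[0] eq '--fix';

my $ec2 = VM::EC2->new() or die "could not create VM::EC2 object\n";

for my $sg ($ec2->describe_security_groups) {
    my $staged = 0;
    for my $perm ($sg->ipPermissions) {
        my @cidrs = $perm->ipRanges;
        next unless grep { $_ eq '0.0.0.0/0' } @cidrs;

        my ($proto, $from, $to) = ($perm->ipProtocol, $perm->fromPort, $perm->toPort);
        printf "%s (%s): %s %s..%s is open to 0.0.0.0/0\n",
            $sg->groupId, $sg->groupName, $proto, $from // '-', $to // '-';

        # Rewrite only TCP entries whose port range covers 22 or 23.
        next unless $fix && $proto eq 'tcp' && $from <= 23 && $to >= 22;
        # Revoking drops the whole entry, so skip entries that also name
        # source groups and re-add the other CIDRs explicitly below.
        if (my @groups = $perm->groups) {
            warn "  skipped: entry also lists source groups, review by hand\n";
            next;
        }
        $sg->revoke_incoming($perm);                  # staged, not yet sent
        $sg->authorize_incoming(
            -protocol  => 'tcp',
            -port      => $from == $to ? $from : "$from..$to",
            -source_ip => [$ADMIN_CIDR, grep { $_ ne '0.0.0.0/0' } @cidrs],
        );
        $staged++;
    }
    next unless $staged;

    # Nothing changes in EC2 until the staged rules are committed.
    $sg->update
        or warn "update failed for ", $sg->groupId, ": ", $ec2->error_str, "\n";
}
```

Run without arguments it only reports; re-run describe_security_groups afterwards to confirm what EC2 actually holds.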