boto3_secgroup¶
Connection module for Amazon EC2 Security Groups using boto3.¶
Renamed from
boto_secgrouptoboto3_secgroupand rewritten to use the boto3 EC2 client API directly viasaltext.boto3.utils.boto3mod. The legacy boto2 code path has been removed.
- depends:
boto3 >= 1.28.0
botocore >= 1.31.0
- configuration:
This module accepts explicit Security Group credentials but can also utilize IAM roles assigned to the instance through Instance Profiles. Dynamic credentials are then automatically obtained from AWS API and no further configuration is necessary. More Information available at:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
If IAM roles are not used you need to specify them either in the minion’s config file or as a profile. For example, to specify them in the minion’s config file:
secgroup.keyid: GKTADJGHEIQSXMKKRBJ08H
secgroup.key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
A region may also be specified in the configuration:
secgroup.region: us-east-1
It’s also possible to specify key, keyid and region via a profile, either as a passed in dict, or as a string to pull from pillars or minion config:
myprofile:
keyid: GKTADJGHEIQSXMKKRBJ08H
key: askdjghsdfjkghWupUjasdflkdfklgjsdfjajkghs
region: us-east-1
Added in version 1.0.0.
- saltext.boto3.modules.boto3_secgroup.exists(name=None, region=None, key=None, keyid=None, profile=None, vpc_id=None, vpc_name=None, group_id=None)[source]¶
Check to see if a security group exists.
CLI Example:
salt myminion boto3_secgroup.exists mysecgroup
- saltext.boto3.modules.boto3_secgroup.get_all_security_groups(groupnames=None, group_ids=None, filters=None, region=None, key=None, keyid=None, profile=None)[source]¶
Return a list of all Security Groups matching the given criteria and filters.
CLI Example:
salt myminion boto3_secgroup.get_all_security_groups filters='{group-name: mygroup}'
- saltext.boto3.modules.boto3_secgroup.get_group_id(name, vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)[source]¶
Get a Group ID given a Group Name or Group Name and VPC ID
CLI Example:
salt myminion boto3_secgroup.get_group_id mysecgroup
- saltext.boto3.modules.boto3_secgroup.convert_to_group_ids(groups, vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)[source]¶
Given a list of security groups and a vpc_id, convert all entries to security group ids.
CLI Example:
salt myminion boto3_secgroup.convert_to_group_ids mysecgroup vpc-89yhh7h
- saltext.boto3.modules.boto3_secgroup.get_config(name=None, group_id=None, region=None, key=None, keyid=None, profile=None, vpc_id=None, vpc_name=None)[source]¶
Get the configuration for a security group.
CLI Example:
salt myminion boto3_secgroup.get_config mysecgroup
- saltext.boto3.modules.boto3_secgroup.create(name, description, vpc_id=None, vpc_name=None, region=None, key=None, keyid=None, profile=None)[source]¶
Create a security group.
CLI Example:
salt myminion boto3_secgroup.create mysecgroup 'My Security Group'
- saltext.boto3.modules.boto3_secgroup.delete(name=None, group_id=None, region=None, key=None, keyid=None, profile=None, vpc_id=None, vpc_name=None)[source]¶
Delete a security group.
CLI Example:
salt myminion boto3_secgroup.delete mysecgroup
- saltext.boto3.modules.boto3_secgroup.authorize(name=None, source_group_name=None, source_group_owner_id=None, ip_protocol=None, from_port=None, to_port=None, cidr_ip=None, group_id=None, source_group_group_id=None, region=None, key=None, keyid=None, profile=None, vpc_id=None, vpc_name=None, egress=False)[source]¶
Add a new rule to an existing security group.
CLI Example:
salt myminion boto3_secgroup.authorize mysecgroup ip_protocol=tcp from_port=80 to_port=80 cidr_ip='10.0.0.0/8'
- saltext.boto3.modules.boto3_secgroup.revoke(name=None, source_group_name=None, source_group_owner_id=None, ip_protocol=None, from_port=None, to_port=None, cidr_ip=None, group_id=None, source_group_group_id=None, region=None, key=None, keyid=None, profile=None, vpc_id=None, vpc_name=None, egress=False)[source]¶
Remove a rule from an existing security group.
CLI Example:
salt myminion boto3_secgroup.revoke mysecgroup ip_protocol=tcp from_port=80 to_port=80 cidr_ip='10.0.0.0/8'
- saltext.boto3.modules.boto3_secgroup.set_tags(tags, name=None, group_id=None, vpc_name=None, vpc_id=None, region=None, key=None, keyid=None, profile=None)[source]¶
Sets tags on a security group.
CLI Example:
salt myminion boto3_secgroup.set_tags "{'TAG1': 'Value1'}" security_group_name vpc_id=vpc-13435
- saltext.boto3.modules.boto3_secgroup.delete_tags(tags, name=None, group_id=None, vpc_name=None, vpc_id=None, region=None, key=None, keyid=None, profile=None)[source]¶
Deletes tags from a security group.
CLI Example:
salt myminion boto3_secgroup.delete_tags ['TAG1','TAG2'] security_group_name vpc_id=vpc-13435