
Cannot Revoke_ingress For Non-default Vpc With Boto3

AWS Lambda / python 2.7 / boto3. I'm trying to revoke one rule out of many in a security group (SG_we_are_working_with) but receive the error: An error occurred (InvalidGroup.NotFound)

Solution 1:

I have found that the easiest way to revoke permissions is to pass-in the permissions already on the security group:

import boto3

# Connect to the Amazon EC2 service
ec2 = boto3.resource('ec2')

# Retrieve the security group
security_groups = ec2.security_groups.filter(GroupNames=['MY-GROUP-NAME'])

# Delete all rules in the group
for group in security_groups:
    group.revoke_ingress(IpPermissions = group.ip_permissions)

Solution 2:

All the code above is correct except the last part; I have no idea why it is not explained in the doc.

Solution, using the code from the question:

security_group.revoke_ingress(
    IpPermissions = IpPermissions,
)

So, all that stuff

FromPort =  item['FromPort'],
GroupName = SG_we_are_working_with,
IpProtocol = 'tcp',
SourceSecurityGroupName = SG_which_is_the_source_of_the_traffic,
ToPort = item['ToPort']

was excessive and caused the error.
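Both answers revoke through IpPermissions, but Solution 1 removes every rule while the question wants only one. The following added example (not code from the question or either answer) picks a single source-group rule out of the group's existing permissions and revokes just that one by ID; the helper names `select_rule` and `revoke_one_rule`, the group IDs and the account number are constructed for illustration.

```python
# Constructed sample of what SecurityGroup.ip_permissions returns.
SAMPLE_PERMISSIONS = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}],
     "UserIdGroupPairs": [
         {"GroupId": "sg-0aaa1111", "UserId": "111122223333"},
         {"GroupId": "sg-0bbb2222", "UserId": "111122223333"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0aaa1111", "UserId": "111122223333"}]},
]


def select_rule(ip_permissions, source_group_id, from_port, to_port, protocol="tcp"):
    """Build an IpPermissions list that names exactly one source-group rule.

    CIDR ranges and other source groups on the same port are left out, so
    revoking the result does not touch them. Returns [] when nothing matches.
    """
    selected = []
    for perm in ip_permissions:
        key = (perm.get("IpProtocol"), perm.get("FromPort"), perm.get("ToPort"))
        if key != (protocol, from_port, to_port):
            continue
        # Keep only the ID fields; the source group is referenced by ID, not name.
        pairs = [{k: p[k] for k in ("GroupId", "UserId") if k in p}
                 for p in perm.get("UserIdGroupPairs", [])
                 if p.get("GroupId") == source_group_id]
        if pairs:
            selected.append({"IpProtocol": protocol, "FromPort": from_port,
                             "ToPort": to_port, "UserIdGroupPairs": pairs})
    return selected


def revoke_one_rule(group_id, source_group_id, from_port, to_port, protocol="tcp"):
    """Revoke one ingress rule on the group with the given ID.

    Returns False without calling the API when the rule is not present.
    """
    import boto3  # imported here so select_rule can be exercised offline
    group = boto3.resource("ec2").SecurityGroup(group_id)
    rule = select_rule(group.ip_permissions, source_group_id,
                       from_port, to_port, protocol)
    if not rule:
        return False
    group.revoke_ingress(IpPermissions=rule)
    return True
```

Checking for an empty selection before calling `revoke_ingress` avoids sending a request for a rule that is already gone, and makes it visible in Lambda logs when the expected rule was not found.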
