# EC2
{% hint style="info" %}
The following documentation is for **EC2 v1.6.4**.
{% endhint %}
## Overview
Manages network security for EC2 by controlling access to resources.
## Setup
The following integrations need to be connected to your Kognitos workspace:
* **EC2**
### Steps
Follow these steps to connect the integration in Kognitos:
{% stepper %}
{% step %}
**Navigate**
Using the left navigation menu, go to **Integrations** → **Explore Integrations**.
{% endstep %}
{% step %}
**Find**
Search for the integration and click on it.
{% endstep %}
{% step %}
**Connect**
Click on **Connect** to add a connection to the integration.
{% endstep %}
{% step %}
**Configure**
Add a name for the connection. You'll be prompted for [**authentication**](#authentication) details if needed. Then, click on **Connect**.
{% endstep %}
{% endstepper %}
## Authentication
Use one of the following authentication methods to connect this integration in Kognitos. Each method has its own configuration requirements.
### Connect using AWS Access key ID, AWS Secret Access Key, AWS Region, AWS Role ARN and AWS External ID
Assumes a role using the provided AWS credentials.
| Label | Description | Type |
| --------------------- | -------------------------------------------------------------------------- | ----------- |
| AWS Access key ID | The AWS Access Key ID for the initial authentication. | `text` |
| AWS Secret Access Key | The AWS Secret Access Key for the initial authentication. | `sensitive` |
| AWS Region | The AWS Region for the initial authentication. | `text` |
| AWS Role ARN | The ARN of the role to assume. | `text` |
| AWS External ID | An optional external ID that might be required by the role's trust policy. | `sensitive` |
### Connect using AWS Access key ID, AWS Secret Access Key and AWS Region
Connects to an API using the provided API key.
| Label | Description | Type |
| --------------------- | ------------------------- | ----------- |
| AWS Access key ID | The AWS Access Key ID | `text` |
| AWS Secret Access Key | The AWS Secret Access Key | `sensitive` |
| AWS Region | The AWS Region | `text` |
## Actions
The following actions are available in the **EC2** integration:
### 1. Attach a rule to a security group
Create an ingress or egress rule in a security group.
### 2. Get security groups from ec2
Get security groups from EC2.
### 3. Get some security group's rules
Get security group rules for a security group in EC2.
### 4. Revoke a security group rule
Delete a security group rule from a security group.
## Concepts
### Ec2 security group
Represents an EC2 security group.
| Field Name | Description | Type |
| ------------------ | ------------------------------------------------------ | ----------------- |
| `id` | The ID of the security group. | `text` |
| `name` | The name of the security group. | `text` |
| `description` | The description of the security group. | `text` |
| `vpc_id` | The ID of the VPC to which the security group belongs. | `text` |
| [`tags`](#aws-tag) | A list of tags associated with the security group. | `list of aws tag` |
### Aws tag
Represents an AWS tag.
| Field Name | Description | Type |
| ---------- | --------------------- | ------ |
| `key` | The key of the tag. | `text` |
| `value` | The value of the tag. | `text` |
### Ec2 ip permission
Represents an IP permission for an EC2 security group.
| Field Name | Description | Type |
| ------------------------------------------------------- | ----------------------------------------------- | ------------------------ |
| `ip_protocol` | The IP protocol for the permission. | `text` |
| `from_port` | The start port for the permission. | `number` |
| `to_port` | The end port for the permission. | `number` |
| [`ip_ranges`](#ip_ranges-ec2-ip-permission) | The list of IP ranges for the permission. | `optional[list of json]` |
| [`ipv6_ranges`](#ipv6_ranges-ec2-ip-permission) | The list of IPv6 ranges for the permission. | `optional[list of json]` |
| [`prefix_list_ids`](#prefix_list_ids-ec2-ip-permission) | The list of prefix list IDs for the permission. | `optional[list of json]` |
### Ec2 security group rule
Represents an EC2 security group rule.
| Field Name | Description | Type |
| ------------------ | ------------------------------------------------------------------ | ----------------- |
| `rule_id` | The ID of the security group rule. | `text` |
| `group_id` | The ID of the security group. | `text` |
| `group_owner_id` | The AWS account ID of the security group owner. | `text` |
| `is_egress` | Whether the rule is an egress rule (True) or ingress rule (False). | `boolean` |
| `ip_protocol` | The IP protocol for the rule. | `text` |
| `from_port` | The start port (or ICMP type) for the rule. | `number` |
| `to_port` | The end port (or ICMP code) for the rule. | `number` |
| [`tags`](#aws-tag) | A list of tags associated with the security group rule. | `list of aws tag` |
| `rule_arn` | The ARN of the security group rule. | `text` |
| `cidr_ipv4` | The IPv4 CIDR range for the rule, if applicable. | `optional[text]` |
| Name | Type | |
| ------------- | ---------------- | |
| `description` | `optional[text]` | |
| `cidr_ip` | `optional[text]` | |
| Name | Type | |
| ------------- | ---------------- | |
| `description` | `optional[text]` | |
| `cidr_ipv6` | `optional[text]` | |
| Name | Type | |
| ---------------- | ---------------- | |
| `description` | `optional[text]` | |
| `prefix_list_id` | `optional[text]` | |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.kognitos.com/guides/platform/integrations/ec2.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.