AWS EC2

Procedures and concepts for the AWS EC2 integration.

The following documentation is for AWS EC2 v1.6.3 (BDK).

Overview

Amazon EC2 (Elastic Compute Cloud) provides resizable compute capacity in the cloud for running applications. This integration enables automated instance management, server provisioning, and cloud infrastructure automation workflows. Scale computing resources dynamically and optimize cloud infrastructure operations.

Prerequisites

1. Required Books

The following Book(s) need to be added to your agent so it can learn and understand the automation procedures defined within them:

AWS EC2

How to Add the Book(s)

Go to Books → All Books.
Search for the name of the book and click on it.
Click on Install or Add Connection to add the book to your agent.
If adding a connection, you'll be prompted for connectivity details.

Connectivity

This section outlines the available methods for connecting to the Book, along with the required configuration details for each.

This books supports the connectivity methods described in this section.In here you will find information about what information is required in order to employ each method.

Connect using AWS Access key ID, AWS Secret Access Key, AWS Region, AWS Role ARN and AWS External ID

Assumes a role using the provided AWS credentials.

Label

Description

Type

AWS Access key ID

The AWS Access Key ID for the initial authentication.

text

AWS Secret Access Key

The AWS Secret Access Key for the initial authentication.

sensitive

AWS Region

The AWS Region for the initial authentication.

text

AWS Role ARN

The ARN of the role to assume.

text

AWS External ID

An optional external ID that might be required by the role's trust policy.

sensitive

Connect using AWS Access key ID, AWS Secret Access Key and AWS Region

Connects to an API using the provided API key.

Label

Description

Type

AWS Access key ID

The AWS Access Key ID

text

AWS Secret Access Key

The AWS Secret Access Key

sensitive

AWS Region

The AWS Region

text

Procedures

to attach a rule to a security group

Adds an ingress or egress rule to a security group.

Input Concepts

Concept

Description

Type

Required

Default Value

security group

A security group to authorize

ec2 security group

Yes

(no default)

rule type

The type of rule to add (ingress or egress)

conceptual or text

Yes

(no default)

ip permissions

A list of IpPermission objects representing the permissions to authorize

ec2 ip permission

Yes

(no default)

Examples

get '[{"cidr_ip": "186.137.54.107/32", "description": "SSH access from specific IP"}]' as a json
use the above as the ip ranges
create a json
use the above as the permission
set the permission's "ip_protocol" to "tcp"
set the permission's "from_port" to 22
set the permission's "to_port" to 22
set the permission's "ip_ranges" to the ip ranges
the permission
imagine the permissions
add the permission to the permissions
attach a rule to the security group
  the rule type is "ingress"
  the ip permissions are the permissions
attach a rule to the security group
  the rule type is "egress"
  the ip permissions are the permissions

to get (security groups) from ec2

Gets security groups from EC2

Output Concepts

Concept

Description

Type

security groups

A list of security groups.

json

Examples

Get all security groups from EC2

get some security groups from ec2

Get security groups filtered by name

get some security groups from ec2 whose group-name is "bdk-test"

to get some (security group's rules)

Gets security group rules from EC2

Input Concepts

Concept

Description

Type

Required

Default Value

security group

The security group to get rules for.

ec2 security group

Yes

(no default)

Output Concepts

Concept

Description

Type

security group's rules

A list of security group rules.

ec2 security group rule

Examples

Get security group rules from a specific security group

get some security groups from ec2 whose group-name is "bdk-test"
get the security group's rules

to revoke a security group rule

Revokes egress from a security group

Input Concepts

Concept

Description

Type

Required

Default Value

security group rule

A security group rule to be revoked

ec2 security group rule

Yes

(no default)

Examples

Revoke all existing security group rules from a security group

get some security groups from ec2 whose group-name is "bdk-test"
get the security group's rules
the rules
process each rule as follows
    the rule
    use the above as the security rule
    revoke the security rule

Concepts

Ec2 security group

Represents an EC2 security group.

Field Name

Description

Type

id

The ID of the security group.

text

name

The name of the security group.

text

description

The description of the security group.

text

vpc_id

The ID of the VPC to which the security group belongs.

text

tags

A list of tags associated with the security group.

list of aws tag

Aws tag

Represents an AWS tag.

Field Name

Description

Type

key

The key of the tag.

text

value

The value of the tag.

text

Ec2 ip permission

Represents an IP permission for an EC2 security group.

Field Name

Description

Type

ip_protocol

The IP protocol for the permission.

text

from_port

The start port for the permission.

number

to_port

The end port for the permission.

number

ip_ranges

The list of IP ranges for the permission.

optional[list of json]

ipv6_ranges

The list of IPv6 ranges for the permission.

optional[list of json]

prefix_list_ids

The list of prefix list IDs for the permission.

optional[list of json]

Ec2 security group rule

Represents an EC2 security group rule.

Field Name

Description

Type

rule_id

The ID of the security group rule.

text

group_id

The ID of the security group.

text

group_owner_id

The AWS account ID of the security group owner.

text

is_egress

Whether the rule is an egress rule (True) or ingress rule (False).

boolean

ip_protocol

The IP protocol for the rule.

text

from_port

The start port (or ICMP type) for the rule.

number

to_port

The end port (or ICMP code) for the rule.

number

tags

A list of tags associated with the security group rule.

list of aws tag

rule_arn

The ARN of the security group rule.

text

cidr_ipv4

The IPv4 CIDR range for the rule, if applicable.

optional[text]

Concept attribute specifications

ip_ranges (ec2 ip permission)

Name

Type

description

optional[text]

cidr_ip

optional[text]

ipv6_ranges (ec2 ip permission)

Name

Type

description

optional[text]

cidr_ipv6

optional[text]

prefix_list_ids (ec2 ip permission)

Name

Type

description

optional[text]

prefix_list_id

optional[text]

PreviousAsana NextAWS S3

Last updated 7 days ago

Was this helpful?

hashtagOverview

hashtagPrerequisites

hashtag1. Required Books

hashtagHow to Add the Book(s)

hashtagConnectivity

hashtagConnect using AWS Access key ID, AWS Secret Access Key, AWS Region, AWS Role ARN and AWS External ID

hashtagConnect using AWS Access key ID, AWS Secret Access Key and AWS Region

hashtagProcedures

hashtagto attach a rule to a security group

hashtagto get (security groups) from ec2

hashtagto get some (security group's rules)

hashtagto revoke a security group rule

hashtagConcepts

hashtagEc2 security group

hashtagAws tag

hashtagEc2 ip permission

hashtagEc2 security group rule

Overview

Prerequisites

1. Required Books

How to Add the Book(s)

Connectivity

Connect using AWS Access key ID, AWS Secret Access Key, AWS Region, AWS Role ARN and AWS External ID

Connect using AWS Access key ID, AWS Secret Access Key and AWS Region

Procedures

to attach a rule to a security group

to get (security groups) from ec2

to get some (security group's rules)

to revoke a security group rule

Concepts

Ec2 security group

Aws tag

Ec2 ip permission

Ec2 security group rule