1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package ec2 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/aws-sdk-go-v2/service/ec2/types" 10 "github.com/aws/smithy-go/middleware" 11 smithyhttp "github.com/aws/smithy-go/transport/http" 12) 13 14// Adds the specified ingress rules to a security group. An inbound rule permits 15// instances to receive traffic from the specified IPv4 or IPv6 CIDR address 16// ranges, or from the instances associated with the specified destination security 17// groups. You specify a protocol for each rule (for example, TCP). For TCP and 18// UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, 19// you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all 20// types or all codes. Rule changes are propagated to instances within the security 21// group as quickly as possible. However, a small delay might occur. For more 22// information about VPC security group limits, see Amazon VPC Limits 23// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). 24func (c *Client) AuthorizeSecurityGroupIngress(ctx context.Context, params *AuthorizeSecurityGroupIngressInput, optFns ...func(*Options)) (*AuthorizeSecurityGroupIngressOutput, error) { 25 if params == nil { 26 params = &AuthorizeSecurityGroupIngressInput{} 27 } 28 29 result, metadata, err := c.invokeOperation(ctx, "AuthorizeSecurityGroupIngress", params, optFns, addOperationAuthorizeSecurityGroupIngressMiddlewares) 30 if err != nil { 31 return nil, err 32 } 33 34 out := result.(*AuthorizeSecurityGroupIngressOutput) 35 out.ResultMetadata = metadata 36 return out, nil 37} 38 39type AuthorizeSecurityGroupIngressInput struct { 40 41 // The IPv4 address range, in CIDR format. You can't specify this parameter when 42 // specifying a source security group. To specify an IPv6 address range, use a set 43 // of IP permissions. Alternatively, use a set of IP permissions to specify 44 // multiple rules and a description for the rule. 45 CidrIp *string 46 47 // Checks whether you have the required permissions for the action, without 48 // actually making the request, and provides an error response. If you have the 49 // required permissions, the error response is DryRunOperation. Otherwise, it is 50 // UnauthorizedOperation. 51 DryRun bool 52 53 // The start of port range for the TCP and UDP protocols, or an ICMP type number. 54 // For the ICMP type number, use -1 to specify all types. If you specify all ICMP 55 // types, you must specify all codes. Alternatively, use a set of IP permissions to 56 // specify multiple rules and a description for the rule. 57 FromPort int32 58 59 // The ID of the security group. You must specify either the security group ID or 60 // the security group name in the request. For security groups in a nondefault VPC, 61 // you must specify the security group ID. 62 GroupId *string 63 64 // [EC2-Classic, default VPC] The name of the security group. You must specify 65 // either the security group ID or the security group name in the request. 66 GroupName *string 67 68 // The sets of IP permissions. 69 IpPermissions []types.IpPermission 70 71 // The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers 72 // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). To 73 // specify icmpv6, use a set of IP permissions. [VPC only] Use -1 to specify all 74 // protocols. If you specify -1 or a protocol other than tcp, udp, or icmp, traffic 75 // on all ports is allowed, regardless of any ports you specify. Alternatively, use 76 // a set of IP permissions to specify multiple rules and a description for the 77 // rule. 78 IpProtocol *string 79 80 // [EC2-Classic, default VPC] The name of the source security group. You can't 81 // specify this parameter in combination with the following parameters: the CIDR IP 82 // address range, the start of the port range, the IP protocol, and the end of the 83 // port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a 84 // rule with a specific IP protocol and port range, use a set of IP permissions 85 // instead. For EC2-VPC, the source security group must be in the same VPC. 86 SourceSecurityGroupName *string 87 88 // [nondefault VPC] The AWS account ID for the source security group, if the source 89 // security group is in a different account. You can't specify this parameter in 90 // combination with the following parameters: the CIDR IP address range, the IP 91 // protocol, the start of the port range, and the end of the port range. Creates 92 // rules that grant full ICMP, UDP, and TCP access. To create a rule with a 93 // specific IP protocol and port range, use a set of IP permissions instead. 94 SourceSecurityGroupOwnerId *string 95 96 // The end of port range for the TCP and UDP protocols, or an ICMP code number. For 97 // the ICMP code number, use -1 to specify all codes. If you specify all ICMP 98 // types, you must specify all codes. Alternatively, use a set of IP permissions to 99 // specify multiple rules and a description for the rule. 100 ToPort int32 101} 102 103type AuthorizeSecurityGroupIngressOutput struct { 104 // Metadata pertaining to the operation's result. 105 ResultMetadata middleware.Metadata 106} 107 108func addOperationAuthorizeSecurityGroupIngressMiddlewares(stack *middleware.Stack, options Options) (err error) { 109 err = stack.Serialize.Add(&awsEc2query_serializeOpAuthorizeSecurityGroupIngress{}, middleware.After) 110 if err != nil { 111 return err 112 } 113 err = stack.Deserialize.Add(&awsEc2query_deserializeOpAuthorizeSecurityGroupIngress{}, middleware.After) 114 if err != nil { 115 return err 116 } 117 if err = addSetLoggerMiddleware(stack, options); err != nil { 118 return err 119 } 120 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 121 return err 122 } 123 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 124 return err 125 } 126 if err = addResolveEndpointMiddleware(stack, options); err != nil { 127 return err 128 } 129 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 130 return err 131 } 132 if err = addRetryMiddlewares(stack, options); err != nil { 133 return err 134 } 135 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 136 return err 137 } 138 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 139 return err 140 } 141 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 142 return err 143 } 144 if err = addClientUserAgent(stack); err != nil { 145 return err 146 } 147 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 148 return err 149 } 150 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 151 return err 152 } 153 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opAuthorizeSecurityGroupIngress(options.Region), middleware.Before); err != nil { 154 return err 155 } 156 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 157 return err 158 } 159 if err = addResponseErrorMiddleware(stack); err != nil { 160 return err 161 } 162 if err = addRequestResponseLogging(stack, options); err != nil { 163 return err 164 } 165 return nil 166} 167 168func newServiceMetadataMiddleware_opAuthorizeSecurityGroupIngress(region string) *awsmiddleware.RegisterServiceMetadata { 169 return &awsmiddleware.RegisterServiceMetadata{ 170 Region: region, 171 ServiceID: ServiceID, 172 SigningName: "ec2", 173 OperationName: "AuthorizeSecurityGroupIngress", 174 } 175} 176