Public Member Functions | |
| create ($name, $description) | |
| Creates a new security group. | |
| describe ($name=null) | |
| Returns information about security groups that you own. | |
| delete ($name) | |
| Deletes a security group. | |
| authorizeIp ($name, $ipProtocol, $fromPort, $toPort, $cidrIp) | |
| Adds permissions to a security group. | |
| authorizeGroup ($name, $groupName, $ownerId) | |
| Adds permissions to a security group. | |
| revokeIp ($name, $ipProtocol, $fromPort, $toPort, $cidrIp) | |
| Revokes permissions from a security group. | |
| revokeGroup ($name, $groupName, $ownerId) | |
| Revokes permissions from a security group. | |
 Public Member Functions inherited from Zend_Service_Amazon_Ec2_Abstract | |
| __construct ($accessKey=null, $secretKey=null, $region=null) | |
| Create Amazon client. | |
| Public Member Functions inherited from Zend_Service_Amazon_Abstract | |
| __construct ($accessKey=null, $secretKey=null) | |
| Create Amazon client. | |
Additional Inherited Members | |
| Static Public Member Functions inherited from Zend_Service_Amazon_Ec2_Abstract | |
| static | setRegion ($region) |
| Set which region you are working in. | |
| Protected Member Functions inherited from Zend_Service_Amazon_Ec2_Abstract | |
| _getRegion () | |
| Method to fetch the AWS Region. | |
| sendRequest (array $params=array()) | |
| Sends a HTTP request to the queue service using Zend_Http_Client. | |
| addRequiredParameters (array $parameters) | |
| Adds required authentication and version parameters to an array of parameters. | |
| signParameters (array $paramaters) | |
| Computes the RFC 2104-compliant HMAC signature for request parameters. | |
| Protected Attributes inherited from Zend_Service_Amazon_Ec2_Abstract | |
| $_ec2Endpoint = 'ec2.amazonaws.com' | |
| The HTTP query server. | |
| $_ec2ApiVersion = '2009-04-04' | |
| The API version to use. | |
| $_ec2SignatureVersion = '2' | |
| Signature Version. | |
| $_ec2SignatureMethod = 'HmacSHA256' | |
| Signature Encoding Method. | |
| $_httpTimeout = 10 | |
| Period after which HTTP request will timeout in seconds. | |
| $_region | |
| Static Protected Attributes inherited from Zend_Service_Amazon_Ec2_Abstract | |
| static | $_defaultRegion = null |
| static | $_validEc2Regions = array('eu-west-1', 'us-east-1') |
Member Function Documentation
| authorizeGroup | ( | $name, | |
| $groupName, | |||
| $ownerId | |||
| ) |
Adds permissions to a security group.
When authorizing a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
- Parameters
-
string $name Name of the group to modify. string $groupName Name of security group to authorize access to when operating on a user/group pair. string $ownerId Owner of security group to authorize access to when operating on a user/group pair.
- Returns
- boolean
| authorizeIp | ( | $name, | |
| $ipProtocol, | |||
| $fromPort, | |||
| $toPort, | |||
| $cidrIp | |||
| ) |
Adds permissions to a security group.
Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
- Parameters
-
string $name Name of the group to modify. string $ipProtocol IP protocol to authorize access to when operating on a CIDR IP. integer $fromPort Bottom of port range to authorize access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being authorized. integer $toPort Top of port range to authorize access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being authorized. string $cidrIp CIDR IP range to authorize access to when operating on a CIDR IP.
- Returns
- boolean
| create | ( | $name, | |
| $description | |||
| ) |
Creates a new security group.
Every instance is launched in a security group. If no security group is specified during launch, the instances are launched in the default security group. Instances within the same security group have unrestricted network access to each other. Instances will reject network access attempts from other instances in a different security group. As the owner of instances you can grant or revoke specific permissions using the authorizeIp, authorizeGroup, revokeGroup and {$link revokeIp} operations.
- Parameters
-
string $name Name of the new security group. string $description Description of the new security group.
- Returns
- boolean
| delete | ( | $name | ) |
Deletes a security group.
If you attempt to delete a security group that contains instances, a fault is returned. If you attempt to delete a security group that is referenced by another security group, a fault is returned. For example, if security group B has a rule that allows access from security group A, security group A cannot be deleted until the allow rule is removed.
- Parameters
-
string $name Name of the security group to delete.
- Returns
- boolean
| describe | ( | $name = null | ) |
Returns information about security groups that you own.
If you specify security group names, information about those security group is returned. Otherwise, information for all security group is returned. If you specify a group that does not exist, a fault is returned.
- Parameters
-
string | array $name List of security groups to describe
- Returns
- array
| revokeGroup | ( | $name, | |
| $groupName, | |||
| $ownerId | |||
| ) |
Revokes permissions from a security group.
The permissions used to revoke must be specified using the same values used to grant the permissions.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
When revoking a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.
- Parameters
-
string $name Name of the group to modify. string $groupName Name of security group to revoke access to when operating on a user/group pair. string $ownerId Owner of security group to revoke access to when operating on a user/group pair.
- Returns
- boolean
| revokeIp | ( | $name, | |
| $ipProtocol, | |||
| $fromPort, | |||
| $toPort, | |||
| $cidrIp | |||
| ) |
Revokes permissions from a security group.
The permissions used to revoke must be specified using the same values used to grant the permissions.
Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.
Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.
- Parameters
-
string $name Name of the group to modify. string $ipProtocol IP protocol to revoke access to when operating on a CIDR IP. integer $fromPort Bottom of port range to revoke access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being revoked. integer $toPort Top of port range to revoked access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being revoked. string $cidrIp CIDR IP range to revoke access to when operating on a CIDR IP.
- Returns
- boolean
