API Documentation

Zend/Service/Amazon/Ec2/Securitygroups.php

Show: inherited
Table of Contents

Zend Framework

LICENSE

This source file is subject to the new BSD license that is bundled with this package in the file LICENSE.txt. It is also available through the world-wide-web at this URL: http://framework.zend.com/license/new-bsd If you did not receive a copy of the license and are unable to obtain it through the world-wide-web, please send an email to license@zend.com so we can send you a copy immediately.

Category
Zend  
Copyright
Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  
Package
Zend_Service_Amazon  
Subpackage
Ec2  
Version
$Id: Securitygroups.php 24594 2012-01-05 21:27:01Z matthew $  

\Zend_Service_Amazon_Ec2_Securitygroups

Package: Zend\Service\Amazon\Ec2

An Amazon EC2 interface to create, delete, describe, grand and revoke sercurity permissions.

Parent(s)
\Zend_Service_Amazon_Ec2_Abstract < \Zend_Service_Amazon_Abstract < \Zend_Service_Abstract
Category
Zend  
Copyright
Copyright (c) 2005-2012 Zend Technologies USA Inc. (http://www.zend.com)  
License
New BSD License  

Methods

methodpublicauthorizeGroup( string $name, string $groupName, string $ownerId ) : boolean

Adds permissions to a security group

When authorizing a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

Parameters
Name Type Description
$name string

Name of the group to modify.

$groupName string

Name of security group to authorize access to when operating on a user/group pair.

$ownerId string

Owner of security group to authorize access to when operating on a user/group pair.

Returns
Type Description
boolean
methodpublicauthorizeIp( string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp ) : boolean

Adds permissions to a security group

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

Parameters
Name Type Description
$name string

Name of the group to modify.

$ipProtocol string

IP protocol to authorize access to when operating on a CIDR IP.

$fromPort integer

Bottom of port range to authorize access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being authorized.

$toPort integer

Top of port range to authorize access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being authorized.

$cidrIp string

CIDR IP range to authorize access to when operating on a CIDR IP.

Returns
Type Description
boolean
methodpubliccreate( string $name, string $description ) : boolean

Creates a new security group.

Every instance is launched in a security group. If no security group is specified during launch, the instances are launched in the default security group. Instances within the same security group have unrestricted network access to each other. Instances will reject network access attempts from other instances in a different security group. As the owner of instances you can grant or revoke specific permissions using the {@link authorizeIp}, {@link authorizeGroup}, {@link revokeGroup} and {$link revokeIp} operations.

Parameters
Name Type Description
$name string

Name of the new security group.

$description string

Description of the new security group.

Returns
Type Description
boolean
methodpublicdelete( string $name ) : boolean

Deletes a security group.

If you attempt to delete a security group that contains instances, a fault is returned. If you attempt to delete a security group that is referenced by another security group, a fault is returned. For example, if security group B has a rule that allows access from security group A, security group A cannot be deleted until the allow rule is removed.

Parameters
Name Type Description
$name string

Name of the security group to delete.

Returns
Type Description
boolean
methodpublicdescribe( string|array $name = null ) : array

Returns information about security groups that you own.

If you specify security group names, information about those security group is returned. Otherwise, information for all security group is returned. If you specify a group that does not exist, a fault is returned.

Parameters
Name Type Description
$name string|array

List of security groups to describe

Returns
Type Description
array
methodpublicrevokeGroup( string $name, string $groupName, string $ownerId ) : boolean

Revokes permissions from a security group. The permissions used to revoke must be specified using the same values used to grant the permissions.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

When revoking a user/group pair permission, GroupName, SourceSecurityGroupName and SourceSecurityGroupOwnerId must be specified.

Parameters
Name Type Description
$name string

Name of the group to modify.

$groupName string

Name of security group to revoke access to when operating on a user/group pair.

$ownerId string

Owner of security group to revoke access to when operating on a user/group pair.

Returns
Type Description
boolean
methodpublicrevokeIp( string $name, string $ipProtocol, integer $fromPort, integer $toPort, string $cidrIp ) : boolean

Revokes permissions from a security group. The permissions used to revoke must be specified using the same values used to grant the permissions.

Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 can be used as a wildcard in the type and code fields.

Permission changes are propagated to instances within the security group as quickly as possible. However, depending on the number of instances, a small delay might occur.

Parameters
Name Type Description
$name string

Name of the group to modify.

$ipProtocol string

IP protocol to revoke access to when operating on a CIDR IP.

$fromPort integer

Bottom of port range to revoke access to when operating on a CIDR IP. This contains the ICMP type if ICMP is being revoked.

$toPort integer

Top of port range to revoked access to when operating on a CIDR IP. This contains the ICMP code if ICMP is being revoked.

$cidrIp string

CIDR IP range to revoke access to when operating on a CIDR IP.

Returns
Type Description
boolean
Documentation was generated by DocBlox 0.15.1.