2
votes

aws ec2 revoke-security-group-egress --group-id sg-xxxxxxx --protocol tcp --port 443 --cidr 175.41.128.0/18

Error:

A client error (InvalidPermission.NotFound) occurred when calling the RevokeSecurityGroupEgress operation: The specified rule does not exist in this security group.

I have tried with --ip-permissions:

aws ec2 revoke-security-group-egress --group-id sg-wwwwwwww --ip-permissions '[{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "175.41.128.0/18"}]}]'

Error:

A client error (InvalidPermission.NotFound) occurred when calling the RevokeSecurityGroupEgress operation: The specified rule does not exist in this security group.

2
Check that you are in the right region, or add --region XXX to your command - BMW
If you can set up boto and run the command below, what do you get: conn.get_all_security_groups() - BMW
Is there any command for inbound connections? - Ramratan Gupta

2 Answers

0
votes

Suppose you have set the AWS access key properly. When you run an AWS CLI command, always remember to add the region if you are not on the default region.

--region eu-central-1 

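If you can set up boto and run the commands below, what do you get?

import boto.ec2
# Connect to the region that holds the security group (replace the placeholder).
conn = boto.ec2.connect_to_region('<REPLACE_IT>')
# List every security group visible in that region.
conn.get_all_security_groups()

0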
votes

The response means that the rule you're trying to remove is not present within the security group. Maybe it was already removed. I see you pasted the full error message in the comment above:

The specified rule does not exist in this security group.

So try adding the rule, run the command to remove it, and see if you still get the same error.

Amazon's response error code is definitely confusing in this case, since it contains both "InvalidPermission" (which makes you think you're doing something wrong) and "NotFound". In this case, the "NotFound" is the important part.
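The check both answers point toward (list the group's rules, then see whether the requested rule is really there), as an added example that is not part of the original answers. It assumes JSON in the shape printed by `aws ec2 describe-security-groups`; the sample rules and the function name `classify_egress` are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape of `aws ec2 describe-security-groups` output
# (placeholder group ID; both rules are invented for illustration).
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-xxxxxxx", "IpPermissionsEgress": [
  {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
   "IpRanges": [{"CidrIp": "175.41.128.0/17"}]}
]}]}
""")


def classify_egress(group, protocol, from_port, to_port, cidr):
    """Return (exact, covering) for an IPv4 egress rule request.

    exact:    rules identical to the request, the only ones a revoke matches.
    covering: different rules that still allow the same traffic.
    """
    target = ipaddress.ip_network(cidr)
    exact, covering = [], []
    for perm in group.get("IpPermissionsEgress", []):
        proto = perm["IpProtocol"]
        lo, hi = perm.get("FromPort"), perm.get("ToPort")  # absent for "-1"
        for rng in perm.get("IpRanges", []):
            rule = (proto, lo, hi, rng["CidrIp"])
            if rule == (protocol, from_port, to_port, cidr):
                exact.append(rule)
                continue
            proto_ok = proto in ("-1", protocol)
            ports_ok = proto == "-1" or (
                lo is not None and lo <= from_port and to_port <= hi)
            net_ok = target.subnet_of(ipaddress.ip_network(rng["CidrIp"]))
            if proto_ok and ports_ok and net_ok:
                covering.append(rule)
    return exact, covering


if __name__ == "__main__":
    sg = SAMPLE["SecurityGroups"][0]
    exact, covering = classify_egress(sg, "tcp", 443, 443, "175.41.128.0/18")
    print("revoke would match:", exact)          # empty list => NotFound
    print("still allows the traffic:", covering)
```

An empty first list is the situation the error message describes; the second list shows which existing rules would have to be revoked, with their own exact values, to actually close the egress path.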