Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) cloud. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage.
This document provides information about the AWS EC2 connector, which facilitates automated interactions with AWS EC2 services using FortiSOAR™ playbooks. Add the AWS EC2 connector as a step in FortiSOAR™ playbooks and perform automated operations, such as launching a new instance, taking snapshots of volumes, detaching volumes, and terminating an instance.
Connector Version: 2.0.0
FortiSOAR™ Version Tested on: 5.0.0-866
AWS EC2 Version Tested on: 2
Authored By: Fortinet
Certified: Yes
The following enhancements have been made to the AWS EC2 connector in version 2.0.0:
From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command to install connectors. Connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and run the yum command as a root user to install connectors:
yum install cyops-connector-aws
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, click the AWS EC2 connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
Parameter | Description |
---|---|
AWS Region | Your account's AWS region that you will use to access AWS services. |
AWS Access Key ID | ID of the AWS Access Key to access AWS services. |
AWS Secret Access Key | AWS Secret Access Key used to access AWS services. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
Function | Description | Annotation and Category |
---|---|---|
Get AMIs Detail | Retrieves details for all AMIs (Amazon Machine Images) or specific AMIs, based on input parameters you have specified, from AWS. | get_ami_details Miscellaneous |
Launch Instance | Launches a new instance on AWS having basic configuration based on the image ID, instance type, and other input parameters you have specified. | launch_instance Investigation |
Get Instance Details | Retrieves details for an instance you have specified, using the instance ID from AWS EC2. | get_instance_info Investigation |
Start Instance | Starts an instance you have specified using the instance ID on AWS EC2. | start_instance Miscellaneous |
Stop Instance | Stops an instance you have specified using the instance ID on AWS EC2. | stop_instance Miscellaneous |
Reboot Instance | Reboots an instance you have specified using the instance ID on AWS EC2. | reboot_instance Miscellaneous |
Register Instance To ELB | Registers an AWS EC2 instance to the elastic load balancing (ELB) service on AWS based on the ELB name and instance ID you have specified. | register_instance Miscellaneous |
Attach Instance To Auto Scaling Group | Attaches a running instance to the auto scaling group on AWS EC2 based on the auto scaling group name and instance ID(s) you have specified. | attach_instance Miscellaneous |
Detach Instance From Auto Scaling Group | Detaches an AWS EC2 instance from the auto scaling group on AWS EC2 based on the auto scaling group name and instance ID(s) you have specified. | detach_instance Miscellaneous |
Instance API Termination | Terminates an instance on AWS EC2 using the REST API, if you have enabled this operation based on the instance ID and action you have specified. Important: This operation is not applicable for spot instances. | |
Terminate Instance | Terminates an AWS EC2 instance you have specified using the instance ID. | terminate_instance Miscellaneous |
Attach Volume | Attaches a volume to an AWS EC2 instance based on the volume ID, Device Name, and instance ID you have specified. | attach_volume Miscellaneous |
Capture Volume Snapshot | Captures a snapshot of a volume on AWS EC2 based on the volume ID and volume description you have specified. | get_snapshot_volume Miscellaneous |
Detach Volume | Detaches a volume from an AWS EC2 instance based on the volume ID, Device Name, and instance ID you have specified. | detach_volume Remediation |
Delete Volume | Deletes a volume you have specified, using the volume ID. | detach_volume Remediation |
Add Security Group to Instance | Adds a security group to an AWS EC2 instance based on the security group name(s) or ID(s) and instance ID you have specified. | add_group Containment |
Deregister Instance from ELB | Deregisters an AWS EC2 instance from the elastic load balancing (ELB) service on AWS based on the ELB name and instance ID you have specified. | deregister_instance Containment |
Add Instance Tag | Adds a tag to an available AWS EC2 instance you have specified using the instance ID. Note: Tags must be added in a key-value pair. | add_tag Miscellaneous |
Add Network ACL Rule | Adds a rule to the network access control list (ACL) on AWS EC2 based on the network ID, egress rule, and other input parameters you have specified. | add_rule Containment |
Get User Details | Retrieves details for a user you have specified, using the username from AWS. | get_user_info Investigation |
Create Security Groups | Creates a new security group in the AWS EC2 service based on the group name and description you have specified. | create_security_group Containment |
Get Security Groups | Retrieves details of all security groups from the AWS EC2 service. | get_security_groups Investigation |
Authorize Ingress | Adds (authorizes) ingress rules to a security group on AWS EC2 based on the security group ID, CIDR IP value, and other input parameters you have specified. | authorize_ingress Containment |
Authorize Egress | Adds (authorizes) egress rules to a security group on AWS EC2 based on the security group ID, and IP permissions you have specified. | authorize_egress Containment |
Revoke Egress | Removes (revokes) egress rules from a security group on AWS EC2 based on the security group ID, and IP permissions you have specified. | revoke_egress Containment |
Revoke Ingress | Removes (revokes) ingress rules from a security group on AWS EC2 based on the security group ID, CIDR IP value, and other input parameters you have specified. | revoke_ingress Containment |
Delete Security Groups | Deletes a security group you have specified, using the security group ID. | delete_security_group Remediation |
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
Parameter | Description |
---|---|
Image ID | List of IDs of the AMIs whose details you want to retrieve from AWS EC2. |
Executable Users | List of AWS Account IDs of executable user(s) associated with the AMI(s) whose details you want to retrieve from AWS EC2. |
Owners | List of AWS Account IDs of owners associated with the AMI(s) whose details you want to retrieve from AWS EC2. |
Filters | List of filters based on which you want to retrieve details of AMIs from AWS EC2. |
The JSON output contains details for all AMIs from AWS.
The output contains the following populated JSON schema:
{
"Images": [
{
"Architecture": "",
"CreationDate": "",
"ImageId": "",
"ImageLocation": "",
"ImageType": "",
"Public": "",
"OwnerId": "",
"State": "",
"BlockDeviceMappings": [],
"Description": "",
"Hypervisor": "",
"Name": "",
"RootDeviceName": "",
"RootDeviceType": "",
"SriovNetSupport": "",
"VirtualizationType": ""
}
],
"ResponseMetadata": {
"RequestId": "",
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-type": "",
"content-length": "",
"vary": "",
"date": "",
"server": ""
},
"RetryAttempts": ""
}
}
Parameter | Description |
---|---|
Image ID | ID of the AMI on which you want to launch a new instance. You can get the ID of an AMI using the Get AMIs Detail operation. |
Instance Type | Type of the instance that you want to launch on AWS EC2. For example, t1.micro |
Instance MaxCount | Maximum number of instances to launch on AWS EC2. If you specify a maximum that is greater than the maximum number of instances Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches the largest possible number of instances above MinCount. |
Instance MinCount | Minimum number of instances to launch on AWS EC2. If you specify a minimum that is less than the minimum number of instances that Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches no instances. |
SubNet ID | (Optional) ID of the subnet associated with the network string. You must specify this only if you are creating a network interface when launching an instance. |
Device Name | Name of the device. For example, /dev/sdh or xvdh. |
Instance Delete on Termination | Select this option if you want to delete the interface when the instance is terminated. |
Security Group IDs | (Optional) ID(s) of the security group(s) to be assigned to the newly launched instance on AWS EC2. |
Purpose For Launch Instance | (Optional) Purpose of launching the instance on AWS EC2. |
Customer Name | (Optional) Name of the customer for whom you are requesting the launch of the new instance on AWS EC2. |
Terminate By Date | (Optional) Date on which the instance will be terminated on AWS EC2. |
The JSON output contains the status of whether or not the requested instance has been launched successfully and the request ID that is used to launch the new instance on AWS.
The output contains the following populated JSON schema:
{
"InstanceId": "",
"ResponseMetadata": {
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
},
"InstanceType": {
"Value": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance for which you want to retrieve details from AWS EC2. |
The JSON output retrieves details of the instance from AWS, based on the instance ID that you have specified.
The output contains the following populated JSON schema:
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"KeyName": "",
"State": {
"Code": "",
"Name": ""
},
"Hypervisor": "",
"SecurityGroups": [],
"AmiLaunchIndex": "",
"EnaSupport": "",
"ClientToken": "",
"LaunchTime": "",
"VirtualizationType": "",
"RootDeviceType": "",
"Architecture": "",
"EbsOptimized": "",
"RootDeviceName": "",
"NetworkInterfaces": [],
"ProductCodes": [],
"PrivateDnsName": "",
"ImageId": "",
"PublicDnsName": "",
"InstanceType": "",
"InstanceId": "",
"Monitoring": {
"State": ""
},
"StateReason": {
"Code": "",
"Message": ""
},
"StateTransitionReason": "",
"Placement": {
"GroupName": "",
"Tenancy": "",
"AvailabilityZone": ""
},
"BlockDeviceMappings": []
}
],
"ReservationId": "",
"OwnerId": "",
"RequesterId": ""
}
],
"ResponseMetadata": {
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to start on AWS EC2. |
Purpose | (Optional) Purpose of starting the instance on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been started.
The output contains the following populated JSON schema:
{
"StartingInstances": [
{
"PreviousState": {
"Code": "",
"Name": ""
},
"InstanceId": "",
"CurrentState": {
"Code": "",
"Name": ""
}
}
],
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to stop on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been stopped.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
},
"StoppingInstances": [
{
"PreviousState": {
"Code": "",
"Name": ""
},
"InstanceId": "",
"CurrentState": {
"Code": "",
"Name": ""
}
}
]
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to reboot on AWS EC2. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {
"transfer-encoding": "",
"vary": "",
"date": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
ELB Name | Name of the ELB to which you want to register the specified instance on AWS EC2. |
Instance ID | ID of the instance that you want to register with the specified ELB on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been registered to the specified ELB.
The output contains the following populated JSON schema:
{
"Instances": [
{
"InstanceId": ""
},
{
"InstanceId": ""
}
],
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Auto Scaling Group Name | Name of the auto scaling group to which you want to attach the specified instance on AWS EC2. |
Instance IDs (In CSV Or List Format) | ID(s) of the instance(s) that you want to attach to the specified auto scaling group using the CSV or list format on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been attached to the specified auto scaling group.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Auto Scaling Group Name | Name of the auto scaling group from which you want to detach the specified instance on AWS EC2. |
Instance IDs | ID of the instance that you want to detach from the specified auto scaling group on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been detached from the specified auto scaling group.
The output contains the following populated JSON schema:
{
"Activities": [
{
"AutoScalingGroupName": "",
"StatusCode": "",
"Progress": "",
"Details": "",
"Cause": "",
"ActivityId": "",
"StartTime": "",
"Description": ""
}
],
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to terminate on AWS EC2 using the REST API. |
Select Action | Specify Enable or Disable to either allow or disallow terminating an instance using the REST API. |
The JSON output contains the status of whether or not the specified instance has been terminated using the Amazon EC2 console, CLI, or API.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the AWS EC2 instance that you want to terminate. |
The JSON output contains the status of whether or not the specified instance has been terminated.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
},
"TerminatingInstances": [
{
"PreviousState": {
"Code": "",
"Name": ""
},
"InstanceId": "",
"CurrentState": {
"Code": "",
"Name": ""
}
}
]
}
Parameter | Description |
---|---|
Volume ID | ID of the volume that you want to attach to the specified instance on AWS EC2. |
Device Name | Name (or full path) of the device on the specified instance on AWS EC2. For example, /dev/sdh or xvdh. |
Instance ID | ID of the instance to which you want to attach the specified volume on AWS EC2. |
The JSON output contains the status of whether or not the specified volume has been attached to the specified instance.
The output contains the following populated JSON schema:
{
"VolumeId": "",
"State": "",
"InstanceId": "",
"Device": "",
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
},
"AttachTime": ""
}
Parameter | Description |
---|---|
Volume ID | ID of the volume on AWS EC2 for which you want to capture a snapshot. |
Volume Description | Description of the snapshot. |
The JSON output contains the status of whether or not the snapshot for the specified volume has been captured.
The output contains the following populated JSON schema:
{
"VolumeId": "",
"State": "",
"SnapshotId": "",
"OwnerId": "",
"Encrypted": "",
"StartTime": "",
"ResponseMetadata": {}
}
Parameter | Description |
---|---|
Volume ID | ID of the volume that you want to detach from the specified instance on AWS EC2. |
Device Name | Name (or full path) of the device on the specified instance on AWS EC2. For example, /dev/sdh or xvdh. |
Instance ID | ID of the instance from which you want to detach the specified volume on AWS EC2. |
Force to Detach | Select this option if you want to forcefully detach the volume from the specified instance on AWS EC2. |
The JSON output contains the status of whether or not the specified volume has been detached from the specified instance.
The output contains the following populated JSON schema:
{
"VolumeId": "",
"State": "",
"InstanceId": "",
"Device": "",
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
},
"AttachTime": ""
}
Parameter | Description |
---|---|
Volume ID | ID of the volume that you want to delete on AWS EC2. |
The JSON output contains the status of whether or not the specified volume has been deleted.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to add to the specified Security Group(s) on AWS EC2. |
Security Group Name or ID (In CSV Or List Format) | Name(s) or ID(s) of the Security Group(s) to which you want to add the specified instance on AWS EC2. The Security Group ID(s) or Name(s) must be specified in the CSV or list format. For example, ["default", "launch-wizard-3", "sg-9fc7dcf7"] |
The JSON output contains the status of whether or not the specified instance has been added to the specified Security Group(s).
The output contains the following populated JSON schema:
{
"Response": {
"ResponseMetadata": {}
}
}
Parameter | Description |
---|---|
ELB Name | Name of the ELB from which you want to deregister the specified instance on AWS EC2. |
Instance ID | ID of the instance that you want to deregister from the specified ELB on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been deregistered from the specified ELB.
The output contains the following populated JSON schema:
{
"Instances": [],
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the AWS EC2 instance to which you want to add a tag. |
Tag Key | Key for the tag that you want to add. |
Value | Value for the tag that you want to add. |
The JSON output contains the status of whether or not the specified tag has been added to the specified instance.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Network ID | ID of the network in which you want to add the ACL rule on AWS EC2. |
Egress Rule | Select either Inbound_Rule or Outbound_Rule. |
IP Address | IP address of the network in which you want to add the ACL rule on AWS EC2. |
Rule Action | Action that the rule must perform. Choose between DENY or ALLOW. |
Rule Number | Position of where the rule must be placed in the ACL rules on AWS EC2. |
The JSON output contains the status of whether or not the ACL rule is added to the specified network.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Username | Name of the user for whom you want to retrieve details from AWS. |
The JSON output retrieves details of the user from AWS, based on the username that you have specified.
The output contains the following populated JSON schema:
{
"UserID": "",
"CreateDate": "",
"MFADevices": "",
"UserName": "",
"UserPolicies": "",
"UserGroups": ""
}
Parameter | Description |
---|---|
Group Name | Name of the new security group that you want to create on AWS EC2. |
Description | Description of the new security group that you want to create on AWS EC2. |
The output contains the following populated JSON schema:
{
"GroupId": "",
"ResponseMetadata": {
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
None.
The output contains the following populated JSON schema:
{
"SecurityGroups": [
{
"VpcId": "",
"OwnerId": "",
"IpPermissionsEgress": [
{
"IpRanges": [
{
"CidrIp": ""
}
],
"PrefixListIds": [],
"Ipv6Ranges": [],
"IpProtocol": "",
"UserIdGroupPairs": []
}
],
"GroupId": "",
"Description": "",
"GroupName": "",
"IpPermissions": [
{
"IpRanges": [
{
"CidrIp": ""
}
],
"PrefixListIds": [],
"Ipv6Ranges": [],
"IpProtocol": "",
"FromPort": "",
"ToPort": "",
"UserIdGroupPairs": []
}
]
}
],
"ResponseMetadata": {
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"vary": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
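The Get Security Groups output can feed a containment step directly. The following is an added example, not part of the connector or the original page: it walks the schema above and lists ingress rules that are open to every address on administrative ports, with result keys shaped like the Revoke Ingress inputs. The port set, the result key names and the sample response are assumptions constructed for illustration; `CidrIpv6` is the field the EC2 API uses inside `Ipv6Ranges`.

```python
import ipaddress

# Assumption for this example: ports treated as administrative.
SENSITIVE_PORTS = {22, 3389}


def _is_world_open(cidr):
    """True for 0.0.0.0/0 or ::/0 (a zero-length prefix covers every address)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False


def _exposed_ports(rule, sensitive_ports):
    """Return the sensitive ports covered by one IpPermissions entry."""
    proto = rule.get("IpProtocol")
    if proto == "-1":
        # "-1" means all protocols and ports; FromPort/ToPort are absent.
        return sorted(sensitive_ports)
    if proto not in ("tcp", "udp"):
        return []
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    if lo is None or hi is None:
        return []
    return sorted(p for p in sensitive_ports if lo <= p <= hi)


def find_open_ingress(response, sensitive_ports=SENSITIVE_PORTS):
    """List world-open ingress rules that cover a sensitive port.

    Each finding carries the values a Revoke Ingress step needs:
    security group ID, CIDR, protocol and port range.
    """
    findings = []
    for group in response.get("SecurityGroups", []):
        for rule in group.get("IpPermissions", []):
            ports = _exposed_ports(rule, sensitive_ports)
            if not ports:
                continue
            cidrs = [r.get("CidrIp") for r in rule.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6") for r in rule.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if cidr and _is_world_open(cidr):
                    findings.append({
                        "security_group_id": group.get("GroupId"),
                        "group_name": group.get("GroupName"),
                        "cidr_ip": cidr,
                        "ip_protocol": rule.get("IpProtocol"),
                        "from_port": rule.get("FromPort"),
                        "to_port": rule.get("ToPort"),
                        "exposed_ports": ports,
                    })
    return findings


# Constructed sample in the shape of the Get Security Groups output.
SAMPLE_RESPONSE = {
    "SecurityGroups": [
        {
            "GroupId": "sg-0000000a", "GroupName": "web",
            "IpPermissions": [
                {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
                {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
                 "IpRanges": [{"CidrIp": "0.0.0.0/0"},
                              {"CidrIp": "203.0.113.0/24"}],
                 "Ipv6Ranges": []},
            ],
        },
        {
            "GroupId": "sg-0000000b", "GroupName": "legacy",
            "IpPermissions": [
                {"IpProtocol": "-1", "IpRanges": [],
                 "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
                {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
                 "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []},
            ],
        },
    ]
}

if __name__ == "__main__":
    for finding in find_open_ingress(SAMPLE_RESPONSE):
        print(finding)
```

Rules with `IpProtocol` set to `-1` carry no port range, so a revoke built from such a finding has to use a set of IP permissions rather than the From Port and To Port inputs.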
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 in which you want to authorize (add) the ingress rule. |
CIDR IP | Value of the CIDR IP to be used for authorizing the ingress rule on AWS EC2. |
From Port | Starting port number. |
To Port | Ending port number. |
IP Protocol | IP Protocol that you want to use for authorizing the ingress rule. You can specify one of the following options: TCP, UDP, or ICMP. |
Source Security Group Name | (Optional) Name of the source security group. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. For EC2-VPC, the source security group must be in the same VPC. |
Source Security Group Owner ID | (Optional) AWS account ID of the source security group, if the source security group is in a different account. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
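A playbook can check the Authorize Ingress inputs before the step runs. The following is an added example, not part of the connector or the original page: it enforces the rule from the parameter table that the source security group fields cannot be combined with the CIDR, protocol and port fields, and it rejects a CIDR that opens the rule to every address unless that is explicitly allowed. The snake_case parameter keys, the `allow_world_open` switch and the security group ID pattern are assumptions made for this example.

```python
import ipaddress
import re

# Assumption: security group IDs are "sg-" plus 8 or 17 hex characters.
SG_ID_RE = re.compile(r"^sg-(?:[0-9a-f]{8}|[0-9a-f]{17})$")
# Hypothetical key names standing in for the connector's input fields.
RULE_FIELDS = ("cidr_ip", "from_port", "to_port", "ip_protocol")
SOURCE_FIELDS = ("source_group_name", "source_group_owner_id")


def check_authorize_ingress(params, allow_world_open=False):
    """Return (errors, warnings) for one Authorize Ingress request."""
    errors, warnings = [], []
    given = {k for k, v in params.items() if v not in (None, "")}

    if not SG_ID_RE.match(str(params.get("group_id", ""))):
        errors.append("group_id is not a valid security group ID")

    uses_source = given & set(SOURCE_FIELDS)
    uses_rule = given & set(RULE_FIELDS)
    if uses_source and uses_rule:
        # The two styles are mutually exclusive per the parameter table.
        errors.append("source group fields cannot be combined with: "
                      + ", ".join(sorted(uses_rule)))
        return errors, warnings
    if uses_source:
        warnings.append("source-group rule grants full ICMP, UDP and TCP access")
        return errors, warnings

    missing = [f for f in RULE_FIELDS if f not in given]
    if missing:
        errors.append("missing: " + ", ".join(missing))
        return errors, warnings

    proto = str(params["ip_protocol"]).lower()
    if proto not in ("tcp", "udp", "icmp"):
        errors.append("ip_protocol must be TCP, UDP or ICMP")

    try:
        lo, hi = int(params["from_port"]), int(params["to_port"])
    except (TypeError, ValueError):
        errors.append("from_port and to_port must be integers")
    else:
        # For ICMP the two fields carry type and code, so skip the range check.
        if proto in ("tcp", "udp") and not 0 <= lo <= hi <= 65535:
            errors.append("need 0 <= from_port <= to_port <= 65535")

    try:
        net = ipaddress.ip_network(params["cidr_ip"], strict=False)
    except ValueError:
        errors.append("cidr_ip is not a valid CIDR block")
    else:
        if net.prefixlen == 0 and not allow_world_open:
            errors.append("cidr_ip %s opens the rule to every address" % net)
        elif str(net) != params["cidr_ip"]:
            warnings.append("cidr_ip has host bits set; network is %s" % net)
    return errors, warnings


# Constructed sample requests.
SAMPLE_REQUESTS = {
    "scoped_https": {"group_id": "sg-9fc7dcf7", "cidr_ip": "203.0.113.0/24",
                     "from_port": 443, "to_port": 443, "ip_protocol": "TCP"},
    "world_ssh": {"group_id": "sg-9fc7dcf7", "cidr_ip": "0.0.0.0/0",
                  "from_port": 22, "to_port": 22, "ip_protocol": "TCP"},
    "mixed": {"group_id": "sg-9fc7dcf7", "source_group_name": "default",
              "cidr_ip": "203.0.113.0/24"},
    "source_only": {"group_id": "sg-9fc7dcf7", "source_group_name": "default"},
}

if __name__ == "__main__":
    for name, request in SAMPLE_REQUESTS.items():
        print(name, check_authorize_ingress(request))
```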
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 in which you want to authorize (add) egress rules. |
IP Permissions | IP permissions required to authorize egress rules. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 from which you want to revoke (remove) egress rules. |
IP Permissions | IP permissions required to revoke egress rules. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 from which you want to revoke (remove) the ingress rule. |
CIDR IP | Value of the CIDR IP to be used for revoking the ingress rule on AWS EC2. |
From Port | Starting port number. |
To Port | Ending port number. |
IP Protocol | IP Protocol that you want to use for revoking the ingress rule. You can specify one of the following options: TCP, UDP, or ICMP. |
Source Security Group Name | (Optional) Name of the source security group. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. For EC2-VPC, the source security group must be in the same VPC. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead. |
Source Security Group Owner ID | (Optional) AWS account ID of the source security group, if the source security group is in a different account. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead. |
The output contains the following populated JSON schema:
{
"env": {},
"operation": "",
"data": {
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
},
"status": "",
"message": ""
}
Parameter | Description |
---|---|
Security Group ID | ID of the security group that you want to delete from AWS EC2. |
The output contains the following populated JSON schema:
{
"message": "",
"operation": "",
"data": {
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
},
"status": "",
"env": {}
}
The Sample - AWS EC2 - 2.0.0 playbook collection comes bundled with the AWS EC2 connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the AWS EC2 connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during connector upgrade and delete.
Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) cloud. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage.
This document provides information about the AWS EC2 connector, which facilitates automated interactions, with AWS EC2 services using FortiSOAR™ playbooks. Add the AWS EC2 connector as a step in FortiSOAR™ playbooks and perform automated operations, such as launching a new instance, taking snapshots of volumes, detaching volumes and terminating an instance.
Connector Version: 2.0.0
FortiSOAR™ Version Tested on: 5.0.0-866
AWS EC2 Version Tested on: 2
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the AWS EC2
connector in version 2.0.0:
From FortiSOAR™ 5.0.0 onwards, use the Connector Store to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command to install connectors. Connectors provided by FortiSOAR™ are delivered using a FortiSOAR™ repository. Therefore, you must set up your FortiSOAR™ repository and run the yum command as a root user to install connectors:
yum install cyops-connector-aws
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Connectors page, click the AWS EC2 connector row (if you are in the Grid view on the Connectors page) and in the Configurations tab enter the required configuration details:
Parameter | Description |
---|---|
AWS Region | Your account's AWS region that you will use to access AWS services. |
AWS Access Key ID | ID of the AWS Access Key to access AWS services. |
AWS Secret Access Key | Key of the AWS Secret Access to access AWS services. |
The following automated operations can be included in playbooks, and you can also use the annotations to access operations from FortiSOAR™ release 4.10.0 and onwards:
Function | Description | Annotation and Category |
---|---|---|
Get AMIs Detail | Retrieves details for all AMIs (Amazon Machine Images) or specific AMIs, based on input parameters you have specified, from AWS. | get_ami_details Miscellaneous |
Launch Instance | Launches a new instance on AWS having basic configuration based on the image ID, instance type, and other input parameters you have specified. | launch_instance Investigation |
Get Instance Details | Retrieves details for an instance you have specified, using the instance ID from AWS EC2. | get_instance_info Investigation |
Start Instance | Starts an instance you have specified using the instance ID on AWS EC2. | start_instance Miscellaneous |
Stop Instance | Stops an instance you have specified using the instance ID on AWS EC2. | stop_instance Miscellaneous |
Reboot Instance | Reboots an instance you have specified using the instance ID on AWS EC2. | reboot_instance Miscellaneous |
Register Instance To ELB | Registers an AWS EC2 instance to the elastic load balancing (ELB) service on AWS based on the ELB name and instance ID you have specified. | register_instance Miscellaneous |
Attach Instance To Auto Scaling Group | Attaches a running instance to the auto scaling group on AWS EC2 based on the auto scaling group name and instance ID (s) you have specified. | attach_instance Miscellaneous |
Detach Instance From Auto Scaling Group | Detaches an AWS EC2 instance from the auto scaling group on AWS EC2 based on the auto scaling group name and instance ID (s) you have specified. | detach_instance Miscellaneous |
Instance API Termination | Terminates an instance on AWS EC2 using the REST API, if you have enabled this operation based on the instance ID and action you have specified. Important: This operation is not applicable for spot instance. |
|
Terminate Instance | Terminates an AWS EC2 instance you have specified using the instance ID. | terminate_instance Miscellaneous |
Attach Volume | Attaches a volume to an AWS EC2 instance based on the volume ID, Device Name, and instance ID you have specified. | attach_volume Miscellaneous |
Capture Volume Snapshot | Captures a snapshot of a volume on AWS EC2 based on the volume ID and volume description you have specified. | get_snapshot_volume Miscellaneous |
Detach Volume | Detaches a volume from an AWS EC2 instance based on the volume ID, Device Name, and instance ID you have specified. | detach_volume Remediation |
Delete Volume | Deletes a volume you have specified, using the volume ID. | detach_volume Remediation |
Add Security Group to Instance | Adds a security group to an AWS EC2 instance based on the security group name(s) or ID(s) and instance ID you have specified. | add_group Containment |
Deregister Instance from ELB | Deregisters an AWS EC2 instance from the elastic load balancing (ELB) service on AWS based on the ELB name and instance ID you have specified. | deregister_instance Containment |
Add Instance Tag | Adds a tag to an available AWS EC2 instance you have specified using the instance ID. Note: Tags must be added in a key-value pair. | add_tag Miscellaneous |
Add Network ACL Rule | Adds a rule to the network access control list (ACL) on AWS EC2 based on the network ID, egress rule, and other input parameters you have specified. | add_rule Containment |
Get User Details | Retrieves details for a user you have specified, using the username from AWS. | get_user_info Investigation |
Create Security Groups | Creates a new security group in the AWS EC2 service based on the group name and description you have specified. | create_security_group Containment |
Get Security Groups | Retrieves details of all security groups from the AWS EC2 service. | get_security_groups Investigation |
Authorize Ingress | Adds (authorizes) ingress rules to a security group on AWS EC2 based on the security group ID, CIDR IP value, and other input parameters you have specified. | authorize_ingress Containment |
Authorize Egress | Adds (authorizes) egress rules to a security group on AWS EC2 based on the security group ID, and IP permissions you have specified. | authorize_egress Containment |
Revoke Egress | Removes (revokes) egress rules from a security group on AWS EC2 based on the security group ID, and IP permissions you have specified. | revoke_egress Containment |
Revoke Ingress | Removes (revokes) ingress rules from a security group on AWS EC2 based on the security group ID, CIDR IP value, and other input parameters you have specified. | revoke_ingress Containment |
Delete Security Groups | Deletes a security group you have specified, using the security group ID. | delete_security_group Remediation |
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied, and an unfiltered list is returned.
Parameter | Description |
---|---|
Image ID | List of IDs of the AMIs whose details you want to retrieve from AWS EC2. |
Executable Users | List of AWS Account IDs of executable user(s) associated with the AMI(s) whose details you want to retrieve from AWS EC2. |
Owners | List of AWS Account IDs of owners associated with the AMI(s) whose details you want to retrieve from AWS EC2. |
Filters | List of filters based on which you want to retrieve details of AMIs from AWS EC2. |
The JSON output contains details for all AMIs from AWS.
The output contains the following populated JSON schema:
{
"Images": [
{
"Architecture": "",
"CreationDate": "",
"ImageId": "",
"ImageLocation": "",
"ImageType": "",
"Public": "",
"OwnerId": "",
"State": "",
"BlockDeviceMappings": [],
"Description": "",
"Hypervisor": "",
"Name": "",
"RootDeviceName": "",
"RootDeviceType": "",
"SriovNetSupport": "",
"VirtualizationType": ""
}
],
"ResponseMetadata": {
"RequestId": "",
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-type": "",
"content-length": "",
"vary": "",
"date": "",
"server": ""
},
"RetryAttempts": ""
}
}
Parameter | Description |
---|---|
Image ID | ID of the AMI on which you want to launch a new instance. You can get the ID of an AMI using the Get AMIs Detail operation. |
Instance Type | Type of the instance that you want to launch on AWS EC2. For example, t1.micro |
Instance MaxCount | Maximum number of instances to launch on AWS EC2. If you specify a maximum that is greater than the maximum number of instances Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches the largest possible number of instances above MinCount. |
Instance MinCount | Minimum number of instances to launch on AWS EC2. If you specify a minimum that is less than the minimum number of instances that Amazon EC2 can launch in the target Availability Zone, Amazon EC2 launches no instances. |
SubNet ID | (Optional) ID of the subnet associated with the network string. You must specify this only if you are creating a network interface when launching an instance. |
Device Name | Name of the device. For example, /dev/sdh or xvdh. |
Instance Delete on Termination | Select this option if you want to delete the interface when the instance is terminated. |
Security Group IDs | (Optional) ID(s) of the security group(s) to be assigned to the newly launched instance on AWS EC2. |
Purpose For Launch Instance | (Optional) Purpose of launching the instance on AWS EC2. |
Customer Name | (Optional) Name of the customer for whom you are requesting the launch of the new instance on AWS EC2. |
Terminate By Date | (Optional) Date on which the instance will be terminated on AWS EC2. |
The JSON output contains the status of whether or not the requested instance has been launched successfully and the request ID that is used to launch the new instance on AWS.
The output contains the following populated JSON schema:
{
"InstanceId": "",
"ResponseMetadata": {
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
},
"InstanceType": {
"Value": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance for which you want to retrieve details from AWS EC2. |
The JSON output retrieves details of the instance from AWS, based on the instance ID that you have specified.
The output contains the following populated JSON schema:
{
"Reservations": [
{
"Groups": [],
"Instances": [
{
"KeyName": "",
"State": {
"Code": "",
"Name": ""
},
"Hypervisor": "",
"SecurityGroups": [],
"AmiLaunchIndex": "",
"EnaSupport": "",
"ClientToken": "",
"LaunchTime": "",
"VirtualizationType": "",
"RootDeviceType": "",
"Architecture": "",
"EbsOptimized": "",
"RootDeviceName": "",
"NetworkInterfaces": [],
"ProductCodes": [],
"PrivateDnsName": "",
"ImageId": "",
"PublicDnsName": "",
"InstanceType": "",
"InstanceId": "",
"Monitoring": {
"State": ""
},
"StateReason": {
"Code": "",
"Message": ""
},
"StateTransitionReason": "",
"Placement": {
"GroupName": "",
"Tenancy": "",
"AvailabilityZone": ""
},
"BlockDeviceMappings": []
}
],
"ReservationId": "",
"OwnerId": "",
"RequesterId": ""
}
],
"ResponseMetadata": {
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to start on AWS EC2. |
Purpose | (Optional) Purpose of starting the instance on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been started.
The output contains the following populated JSON schema:
{
"StartingInstances": [
{
"PreviousState": {
"Code": "",
"Name": ""
},
"InstanceId": "",
"CurrentState": {
"Code": "",
"Name": ""
}
}
],
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to stop on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been stopped.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
},
"StoppingInstances": [
{
"PreviousState": {
"Code": "",
"Name": ""
},
"InstanceId": "",
"CurrentState": {
"Code": "",
"Name": ""
}
}
]
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to reboot on AWS EC2. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {
"transfer-encoding": "",
"vary": "",
"date": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
ELB Name | Name of the ELB to which you want to register the specified instance on AWS EC2. |
Instance ID | ID of the instance that you want to register with the specified ELB on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been registered to the specified ELB.
The output contains the following populated JSON schema:
{
"Instances": [
{
"InstanceId": ""
},
{
"InstanceId": ""
}
],
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Auto Scaling Group Name | Name of the auto scaling group to which you want to attach the specified instance on AWS EC2. |
Instance IDs (In CSV Or List Format) | ID(s) of the instance(s) that you want to attach to the specified auto scaling group using the CSV or list format on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been attached to the specified auto scaling group.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Auto Scaling Group Name | Name of the auto scaling group from which you want to detach the specified instance on AWS EC2. |
Instance IDs | ID of the instance that you want to detach from the specified auto scaling group on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been detached from the specified auto scaling group.
The output contains the following populated JSON schema:
{
"Activities": [
{
"AutoScalingGroupName": "",
"StatusCode": "",
"Progress": "",
"Details": "",
"Cause": "",
"ActivityId": "",
"StartTime": "",
"Description": ""
}
],
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to terminate on AWS EC2 using the REST API. |
Select Action | Specify Enable or Disable to either allow or disallow terminating an instance using the REST API. |
The JSON output contains the status of whether or not the specified instance has been terminated using the Amazon EC2 console, CLI, or API.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the AWS EC2 instance that you want to terminate. |
The JSON output contains the status of whether or not the specified instance has been terminated.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
},
"TerminatingInstances": [
{
"PreviousState": {
"Code": "",
"Name": ""
},
"InstanceId": "",
"CurrentState": {
"Code": "",
"Name": ""
}
}
]
}
Parameter | Description |
---|---|
Volume ID | ID of the volume that you want to attach to the specified instance on AWS EC2. |
Device Name | Name (or full path) of the device on the specified instance on AWS EC2. For example, /dev/sdh or xvdh. |
Instance ID | ID of the instance to which you want to attach the specified volume on AWS EC2. |
The JSON output contains the status of whether or not the specified volume has been attached to the specified instance.
The output contains the following populated JSON schema:
{
"VolumeId": "",
"State": "",
"InstanceId": "",
"Device": "",
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
},
"AttachTime": ""
}
Parameter | Description |
---|---|
Volume ID | ID of the volume on AWS EC2 for which you want to capture a snapshot. |
Volume Description | Description of the snapshot. |
The JSON output contains the status of whether or not the snapshot for the specified volume has been captured.
The output contains the following populated JSON schema:
{
"VolumeId": "",
"State": "",
"SnapshotId": "",
"OwnerId": "",
"Encrypted": "",
"StartTime": "",
"ResponseMetadata": {}
}
Parameter | Description |
---|---|
Volume ID | ID of the volume that you want to detach from the specified instance on AWS EC2. |
Device Name | Name (or full path) of the device on the specified instance on AWS EC2. For example, /dev/sdh or xvdh. |
Instance ID | ID of the instance from which you want to detach the specified volume on AWS EC2. |
Force to Detach | Select this option if you want to forcefully detach the volume from the specified instance on AWS EC2. |
The JSON output contains the status of whether or not the specified volume has been detached from the specified instance.
The output contains the following populated JSON schema:
{
"VolumeId": "",
"State": "",
"InstanceId": "",
"Device": "",
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
},
"AttachTime": ""
}
Parameter | Description |
---|---|
Volume ID | ID of the volume that you want to delete on AWS EC2. |
The JSON output contains the status of whether or not the specified volume has been deleted.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the instance that you want to add to the specified Security Group(s) on AWS EC2. |
Security Group Name or ID (In CSV Or List Format) | Name(s) or ID(s) of the Security Group(s) to which you want to add the specified instance on AWS EC2. The Security Group ID(s) or Name(s) must be specified in the CSV or list format. For example, ["default", "launch-wizard-3", "sg-9fc7dcf7"] |
The JSON output contains the status of whether or not the specified instance has been added to the specified Security Group(s).
The output contains the following populated JSON schema:
{
"Response": {
"ResponseMetadata": {}
}
}
Parameter | Description |
---|---|
ELB Name | Name of the ELB from which you want to deregister the specified instance on AWS EC2. |
Instance ID | ID of the instance that you want to deregister from the specified ELB on AWS EC2. |
The JSON output contains the status of whether or not the specified instance has been deregistered from the specified ELB.
The output contains the following populated JSON schema:
{
"Instances": [],
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"x-amzn-requestid": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Instance ID | ID of the AWS EC2 instance to which you want to add a tag. |
Tag Key | Key for the tag that you want to add. |
Value | Value for the tag that you want to add. |
The JSON output contains the status of whether or not the specified tag has been added to the specified instance.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Network ID | ID of the network in which you want to add the ACL rule on AWS EC2. |
Egress Rule | Select either Inbound_Rule or Outbound_Rule. |
IP Address | IP address of the network in which you want to add the ACL rule on AWS EC2. |
Rule Action | Action that the rule must perform. Choose between DENY or ALLOW. |
Rule Number | Position of where the rule must be placed in the ACL rules on AWS EC2. |
The JSON output contains the status of whether or not the ACL rule is added to the specified network.
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"vary": "",
"date": "",
"transfer-encoding": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Username | Name of the user for whom you want to retrieve details from AWS. |
The JSON output retrieves details of the user from AWS, based on the username that you have specified.
The output contains the following populated JSON schema:
{
"UserID": "",
"CreateDate": "",
"MFADevices": "",
"UserName": "",
"UserPolicies": "",
"UserGroups": ""
}
Parameter | Description |
---|---|
Group Name | Name of the new security group that you want to create on AWS EC2. |
Description | Description of the new security group that you want to create on AWS EC2. |
The output contains the following populated JSON schema:
{
"GroupId": "",
"ResponseMetadata": {
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
None.
The output contains the following populated JSON schema:
{
"SecurityGroups": [
{
"VpcId": "",
"OwnerId": "",
"IpPermissionsEgress": [
{
"IpRanges": [
{
"CidrIp": ""
}
],
"PrefixListIds": [],
"Ipv6Ranges": [],
"IpProtocol": "",
"UserIdGroupPairs": []
}
],
"GroupId": "",
"Description": "",
"GroupName": "",
"IpPermissions": [
{
"IpRanges": [
{
"CidrIp": ""
}
],
"PrefixListIds": [],
"Ipv6Ranges": [],
"IpProtocol": "",
"FromPort": "",
"ToPort": "",
"UserIdGroupPairs": []
}
]
}
],
"ResponseMetadata": {
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"vary": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
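The Get Security Groups output is the natural input for an exposure check before or after a containment playbook changes rules. The following is an added example, not part of the connector or its bundled playbooks: it walks the `SecurityGroups` schema shown above and reports ingress rules that open administrative ports to every address. The sample data, the `ADMIN_PORTS` choice and the function names are assumptions; `CidrIpv6` is the EC2 API key used inside `Ipv6Ranges`.

```python
import ipaddress

ADMIN_PORTS = {22: "SSH", 3389: "RDP"}  # assumption: ports this audit treats as sensitive

# Constructed sample in the shape of the Get Security Groups output; all IDs are made up.
SAMPLE_OUTPUT = {
    "SecurityGroups": [
        {"GroupId": "sg-0000000000000000a", "GroupName": "web",
         "IpPermissions": [
             {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
             {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
              "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
         ]},
        {"GroupId": "sg-0000000000000000b", "GroupName": "db",
         "IpPermissions": [
             {"IpProtocol": "-1", "IpRanges": [],
              "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
             {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
              "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": []},
         ]},
    ]
}


def _is_world_open(cidr):
    """True for 0.0.0.0/0 or ::/0 (prefix length 0 covers every address)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False  # empty or malformed value, as in the blank schema


def _port_range(rule):
    """Return (low, high); protocol "-1" or absent ports mean all ports."""
    low, high = rule.get("FromPort"), rule.get("ToPort")
    if str(rule.get("IpProtocol")) == "-1" or low in (None, "") or high in (None, ""):
        return 0, 65535
    return int(low), int(high)


def find_exposed_ingress(output):
    """List ingress rules that expose an admin port to the whole Internet."""
    findings = []
    for group in output.get("SecurityGroups", []):
        for rule in group.get("IpPermissions", []):
            proto = str(rule.get("IpProtocol", "")).lower()
            if proto not in ("tcp", "udp", "-1"):
                continue  # ICMP rules carry type/code, not ports
            cidrs = [r.get("CidrIp", "") for r in rule.get("IpRanges", [])]
            cidrs += [r.get("CidrIpv6", "") for r in rule.get("Ipv6Ranges", [])]
            low, high = _port_range(rule)
            hit = sorted(p for p in ADMIN_PORTS if low <= p <= high)
            for cidr in (c for c in cidrs if hit and _is_world_open(c)):
                findings.append({
                    "GroupId": group.get("GroupId"),
                    "GroupName": group.get("GroupName"),
                    "CidrIp": cidr, "IpProtocol": proto,
                    "FromPort": low, "ToPort": high, "AdminPorts": hit,
                })
    return findings


if __name__ == "__main__":
    for finding in find_exposed_ingress(SAMPLE_OUTPUT):
        print(finding)
```

Each finding carries the `GroupId` and `CidrIp` of the offending rule, which are the same fields a remediation step needs to identify the rule to remove.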
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 in which you want to authorize (add) the ingress rule. |
CIDR IP | Value of the CIDR IP to be used for authorizing the ingress rule on AWS EC2. |
From Port | Starting port number. |
To Port | Ending port number. |
IP Protocol | IP Protocol that you want to use for authorizing the ingress rule. You can specify one of the following options: TCP, UDP, or ICMP. |
Source Security Group Name | (Optional) Name of the source security group. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. For EC2-VPC, the source security group must be in the same VPC. |
Source Security Group Owner ID | (Optional) AWS account ID of the source security group, if the source security group is in a different account. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"HTTPStatusCode": "",
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 in which you want to authorize (add) egress rules. |
IP Permissions | IP permissions required to authorize egress rules. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 from which you want to revoke (remove) egress rules. |
IP Permissions | IP permissions required to revoke egress rules. |
The output contains the following populated JSON schema:
{
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
}
Parameter | Description |
---|---|
Security Group ID | ID of the security group on AWS EC2 from which you want to revoke (remove) the ingress rule. |
CIDR IP | Value of the CIDR IP to be used for revoking the ingress rule on AWS EC2. |
From Port | Starting port number. |
To Port | Ending port number. |
IP Protocol | IP Protocol that you want to use for revoking the ingress rule. You can specify one of the following options: TCP, UDP, or ICMP. |
Source Security Group Name | (Optional) Name of the source security group. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. For EC2-VPC, the source security group must be in the same VPC. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead. |
Source Security Group Owner ID | (Optional) AWS account ID of the source security group, if the source security group is in a different account. Note: You cannot specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead. |
The output contains the following populated JSON schema:
{
"env": {},
"operation": "",
"data": {
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
},
"status": "",
"message": ""
}
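The Authorize Ingress and Revoke Ingress parameter tables both state that the source security group parameters cannot be combined with the CIDR IP, port range and IP protocol. The following added example (not the connector's own code) is a pre-flight check a playbook step could run on its inputs before calling either operation. The function name, the `allow_public` guard and the strict CIDR parsing are assumptions; the returned keys mirror the EC2 API parameter names.

```python
import ipaddress

CIDR_FIELDS = ("cidr_ip", "from_port", "to_port", "ip_protocol")


class IngressInputError(ValueError):
    """Raised when the ingress inputs violate the documented constraints."""


def build_ingress_request(group_id, cidr_ip=None, from_port=None, to_port=None,
                          ip_protocol=None, source_group_name=None,
                          source_group_owner_id=None, allow_public=False):
    """Validate the inputs and return (request_dict, warnings)."""
    given = dict(zip(CIDR_FIELDS, (cidr_ip, from_port, to_port, ip_protocol)))
    cidr_given = [k for k, v in given.items() if v not in (None, "")]
    source_given = source_group_name or source_group_owner_id
    warnings = []

    # Documented rule: the two parameter families are mutually exclusive.
    if source_given and cidr_given:
        raise IngressInputError(
            "source security group cannot be combined with: " + ", ".join(cidr_given))

    if source_given:
        request = {"GroupId": group_id}
        if source_group_name:
            request["SourceSecurityGroupName"] = source_group_name
        if source_group_owner_id:
            request["SourceSecurityGroupOwnerId"] = str(source_group_owner_id)
        warnings.append("source-group form grants full ICMP, UDP, and TCP access")
        return request, warnings

    missing = [k for k in CIDR_FIELDS if k not in cidr_given]
    if missing:
        raise IngressInputError("missing parameters: " + ", ".join(missing))

    proto = str(ip_protocol).lower()
    if proto not in ("tcp", "udp", "icmp"):
        raise IngressInputError(f"unsupported IP protocol {ip_protocol!r}")
    try:
        # strict=True rejects values with host bits set, such as 10.0.0.5/8
        net = ipaddress.ip_network(cidr_ip, strict=True)
        low, high = int(from_port), int(to_port)
    except ValueError as exc:
        raise IngressInputError(f"invalid CIDR IP or port: {exc}") from exc

    if proto == "icmp":
        valid = -1 <= low <= 255 and -1 <= high <= 255  # ICMP type and code
    else:
        valid = 0 <= low <= high <= 65535
    if not valid:
        raise IngressInputError(f"invalid port range {low}-{high} for {proto}")

    if net.prefixlen == 0:
        if not allow_public:
            raise IngressInputError(f"{net} opens the rule to every address")
        warnings.append(f"{net} opens the rule to every address")

    request = {"GroupId": group_id, "CidrIp": str(net), "IpProtocol": proto,
               "FromPort": low, "ToPort": high}
    return request, warnings


if __name__ == "__main__":
    # Constructed inputs: a documentation-range address and a made-up group ID.
    print(build_ingress_request("sg-0000000000000000a", "203.0.113.10/32",
                                443, 443, "TCP"))
```

The same check applies to Revoke Ingress, since revoking with a mismatched parameter combination fails in the same way as authorizing with one.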
Parameter | Description |
---|---|
Security Group ID | ID of the security group that you want to delete from AWS EC2. |
The output contains the following populated JSON schema:
{
"message": "",
"operation": "",
"data": {
"ResponseMetadata": {
"HTTPStatusCode": "",
"HTTPHeaders": {
"content-length": "",
"date": "",
"content-type": "",
"server": ""
},
"RetryAttempts": "",
"RequestId": ""
}
},
"status": "",
"env": {}
}
The Sample - AWS EC2 - 2.0.0 playbook collection comes bundled with the AWS EC2 connector. These playbooks contain steps that you can use to perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the AWS EC2 connector.
Note: If you plan to use any of the sample playbooks in your environment, clone those playbooks and move them to a different collection, because the sample playbook collection is deleted when the connector is upgraded or deleted.