RDS - Authorize Security Group

Declaration

<AMAWSRDS ACTIVITY="authorize_security_group" SECURITYGROUP="text" EC2GROUP="text" EC2OWNERID="text" RESULTDATASET="text" />

See Also

Description

Authorizes network ingress for an Amazon EC2 security group or an IP address range.

IMPORTANT: The RDS activities in AutoMate use Amazon's RDS engine to perform their work. You must enter a valid Amazon RDS service account in order for these activities to work properly.

Practical Usage

See Description.

Parameters

Security Group Properties

Property

Type

Required

Default

Markup

Description

Group Name

Text

Yes

(Empty)

SECURITYGROUP="MyDBGroup"

The name of the Amazon RDS security group (i.e. mydbsecuritygroup)

CIDRIP

Number

No

(Empty)

CIDRIP="192.168.100.100/0"

Select this parameter to specifiy the IP range to allow access. Must be a valid Classless Inter-Domain Routing (CIDR) range, in the format xxx.xxx.xxx.xxx/x (i.e.192.168.100.100/0).

This parameter is not available if the EC2 Security Group option is selected.

EC2 Security Group

 

 

 

 

Select this parameter to specify the Security Group and Owner ID.

This parameter is not available if the CIDRIP option is selected.

Name

Text

No

(Empty)

EC2GROUP="mydbsecuritygroup"

The name of the Amazon RDS security group (i.e. mydbsecuritygroup)

This parameter is active only if the EC2 Security Group option is selected.

Owner ID

Number

No

(Empty)

EC2OWNERID=123456789012

The AWS account number of the owner of the EC2 security group.

This parameter is active only if the EC2 Security Group option is selected.

Create and populate dataset with RDS Security group information

Text

No

(Empty)

RESULTDATASET="myDataset"

The name of the dataset to be created and populated with the RDS security group information. More on datasets below under Additional Notes.

 

Credentials Properties

The Credentials properties allows you to set or link specific recommendations for this particular RDS activity.

Property

Type

Required

Default

Markup

Description

Provide Credentials

 

 

 

 

Indicates where this activity's credentials should originate from. Different properties apply depending on the option selected. The available options are:

  • Custom (Default) - Specifies that a custom set of credentials will be entered for this EC2 activity. Select this option if performing a single RDS activity.

  • Session Based - Specifies that credentials should derive from a session created in a previous step with the use of the Create Session activity. This allows several RDS activities to be linked to a specific session.

Access Key

Text

Yes

(Empty)

ACCESSKEY=

"022QF06E7MXBSH9DHM02"

A 20-character, alphanumeric string that uniquely identifies a user who owns a RDS account (i.e. 022QF06E7MXBSH9DHM02). This along with a Secret Access Key forms a secure information set that RDS uses to confirm a valid user's identity.

This property is active only if Custom is selected under the Provide Credentials property.

Secret Access Key

Text

Yes

(Empty)

SECRETKEY=

"kWcrlUX5JEDGM/LtmEENI/

aVmYvHNif5zB+d9+ct"

A 40-character string that serves the role as Password to access RDS (i.e. kWcrlUX5JEDGM/LtmEENI/aVmYvHNif5zB+d9+ct). This along with an associated Access Key forms a secure information set that RDS uses to confirm a valid user's identity.

This property is active only if Custom is selected under the Provide Credentials property.

User Agent

Text

No

AutoMate

USERAGENT="AutoMate"

The User-Agent header name. The User-Agent request-header field contains information about the user agent originating the request such as timeouts, proxies, name, etc. The default User Agent name is AutoMate.

This property is active only if Custom is selected under the Provide Credentials property.

Maximum retry on error

Number

No

(Empty)

MAXERRORRETRY="4"

Signifies how many times the Amazon RDS engine should retry the request before returning an error.

This property is active only if Custom is selected under the Provide Credentials property.

Service URL

Text

No

(Empty)

SERVICEURL=

"https://sdb.eu-west-1.amazonaws.com"

The Service URL used to make requests to the RDS service. The Service URL provides the service endpoint. For example, To make the service call to a different region, you can pass the region-specific endpoint, such as 'https://sdb.eu-west-1.amazonaws.com'.

This property is active only if Custom is selected under the Provide Credentials property.

Proxy Host

Text

No

(Empty)

PROXYHOST="proxy.host.com"

The host name (server.domain.com) or IP address (xxx.xxx.xxx.xxx) of the proxy server.

This property is active only if Custom is selected under the Provide Credentials property.

Proxy Port

Number

No

(Empty)

PROXYPORT="1028"

The port that should be used to connect to the proxy server.

This property is active only if Custom is selected under the Provide Credentials property.

Signature Method

Text

No

(Empty)

SIGNMETHOD="HmacSHA256"

The Signature Method for signing the request.

This property is active only if Custom is selected under the Provide Credentials property.

Signature Version

Number

No

(Empty)

SIGNVERSION="2"

The Signature Version for signing the request. The version refers to the particular algorithm for signing the request.

This property is active only if Custom is selected under the Provide Credentials property.

Session Name

Text

Yes

(Empty)

SESSION="EC2Session1"

The session name to be created. This allows several RDS activities to be linked to this  session, eliminating redundancy. Numerous sessions can be used within a single task. The default value is RDSSession.

NOTE: Use the End Session activity to end an RDS session.

This property is active only if Session Based is selected under the Provide Credentials property.

 

Description Properties

The Description tab allows you to customize the text description of any step when it appears in the Steps Pane.

More on setting custom step description

Error Causes Properties

The Error Causes tab is part of AutoMate's Error Handling functionality which allows you to select / omit specific errors that will cause a particular step to fail.

More about error causes properties

On Error Properties

The On Error tab is part of AutoMate's Error Handling functionality which allows you to determine what the task should do if a particular step encounters an error.

More about on error properties

Additional Notes

Datasets

A dataset is a multiple column, multiple row container object. This activity creates and populates a dataset containing a specific set of fields. The table below describes these fields (assuming the dataset name assigned was theDataset).

Name

Type

Return Value

theDataset.DBSecurityGroupDescription

Text

Returns the description of the security group.

theDataset.DBSecurityGroupName

Text

Returns the name of the RDS security group.

theDataset.EC2SecurityGroup

Text

Returns the name of the EC2 security group.

theDataset.IPRange

Text

Returns the IP range to allow access.

theDataset.OwnerId

Number

Returns the AWS account number of the owner of the EC2 security group (i.e. 123412341234).

 

Variables and Expressions

All text fields allow the use of expressions, which can be entered by surrounding the expression in percentage signs (example: %MYVARIABLE%, %Left('Text',2)%). To help construct these expressions, you can open Expression Builder from these fields by pressing F2.

More on variables
More on expressions

More on the expression builder

Example

NOTE: The code below can be copied and pasted directly into the Steps pane of the Task Builder.

 

Description: Authorize RDS security group "securitygroupname". EC2 security group is "ec2groupname". EC2 owner id is "ownerid". Store RDS security group information into dataset "thedata". Use default RDS session.

 

<AMAWSRDS ACTIVITY="authorize_security_group" SECURITYGROUP="securitygroupname" EC2GROUP="ec2groupname" EC2OWNERID="ownerid" RESULTDATASET="thedata" />

 

↑ Top of Page