RDS - Create Security Group

Declaration

<AMAWSRDS ACTIVITY="create_security_group" SECURITYGROUP="text" GROUPDESC="text" RESULTDATASET="text" />

See Also

Description

Creates a DB Security Group. Amazon RDS allows you to control access to your DB Instances using DB Security Groups. A DB Security Group acts like a firewall controlling network access to your DB Instance. By default, network access is turned off to your DB Instances. If you want your applications to access your DB Instance you can allow access from specific EC2 security groups or IP ranges. Once ingress is configured, the same rules apply to all DB Instances associated with that DB Security Group.

NOTE: To allow network access to your DB Instance, use the Authorize Security Group activity with the desired EC2 security group or IP range.

IMPORTANT: The RDS activities in AutoMate use Amazon's RDS engine to perform their work. You must enter a valid Amazon RDS service account in order for these activities to work properly.

Practical Usage

Used to create an RDS Security Group.

Parameters

Security Group Properties

Property

Type

Required

Default

Markup

Description

Group Name

Text

Yes

(Empty)

SECURITYGROUP="MyDBGroup"

The name of the Amazon RDS security group.

Group Description

Text

No

(Empty)

GROUPDESC="description"

Brief description about the security group.

NOTE: Once created, the description cannot be changed.

Create and populate dataset with RDS Security group information

Text

No

(Empty)

RESULTDATASET="myDataset"

The name of the dataset to be created and populated with the RDS security group information. More on datasets below under Datasets.

 

Credentials Properties

The Credentials properties allows you to set or link specific recommendations for this particular RDS activity.

Property

Type

Required

Default

Markup

Description

Provide Credentials

 

 

 

 

Indicates where this activity's credentials should originate from. Different properties apply depending on the option selected. The available options are:

  • Custom (Default) - Specifies that a custom set of credentials will be entered for this EC2 activity. Select this option if performing a single RDS activity.

  • Session Based - Specifies that credentials should derive from a session created in a previous step with the use of the Create Session activity. This allows several RDS activities to be linked to a specific session.

Access Key

Text

Yes

(Empty)

ACCESSKEY=

"022QF06E7MXBSH9DHM02"

A 20-character, alphanumeric string that uniquely identifies a user who owns a RDS account (i.e. 022QF06E7MXBSH9DHM02). This along with a Secret Access Key forms a secure information set that RDS uses to confirm a valid user's identity.

This property is active only if Custom is selected under the Provide Credentials property.

Secret Access Key

Text

Yes

(Empty)

SECRETKEY=

"kWcrlUX5JEDGM/LtmEENI/

aVmYvHNif5zB+d9+ct"

A 40-character string that serves the role as Password to access RDS (i.e. kWcrlUX5JEDGM/LtmEENI/aVmYvHNif5zB+d9+ct). This along with an associated Access Key forms a secure information set that RDS uses to confirm a valid user's identity.

This property is active only if Custom is selected under the Provide Credentials property.

User Agent

Text

No

AutoMate

USERAGENT="AutoMate"

The User-Agent header name. The User-Agent request-header field contains information about the user agent originating the request such as timeouts, proxies, name, etc. The default User Agent name is AutoMate.

This property is active only if Custom is selected under the Provide Credentials property.

Maximum retry on error

Number

No

(Empty)

MAXERRORRETRY="4"

Signifies how many times the Amazon RDS engine should retry the request before returning an error.

This property is active only if Custom is selected under the Provide Credentials property.

Service URL

Text

No

(Empty)

SERVICEURL=

"https://sdb.eu-west-1.amazonaws.com"

The Service URL used to make requests to the RDS service. The Service URL provides the service endpoint. For example, To make the service call to a different region, you can pass the region-specific endpoint, such as 'https://sdb.eu-west-1.amazonaws.com'.

This property is active only if Custom is selected under the Provide Credentials property.

Proxy Host

Text

No

(Empty)

PROXYHOST="proxy.host.com"

The host name (server.domain.com) or IP address (xxx.xxx.xxx.xxx) of the proxy server.

This property is active only if Custom is selected under the Provide Credentials property.

Proxy Port

Number

No

(Empty)

PROXYPORT="1028"

The port that should be used to connect to the proxy server.

This property is active only if Custom is selected under the Provide Credentials property.

Signature Method

 

Text

No

(Empty)

SIGNMETHOD="HmacSHA256"

The Signature Method for signing the request.

This property is active only if Custom is selected under the Provide Credentials property.

Signature Version

 

Number

No

(Empty)

 

SIGNVERSION="2"

 

The Signature Version for signing the request. The version refers to the particular algorithm for signing the request.

This property is active only if Custom is selected under the Provide Credentials property.

Session Name

Text

Yes

(Empty)

SESSION="EC2Session1"

The session name to be created. This allows several RDS activities to be linked to this  session, eliminating redundancy. Numerous sessions can be used within a single task. The default value is RDSSession.

NOTE: Use the End Session activity to end an RDS session.

This property is active only if Session Based is selected under the Provide Credentials property.

 

Description Properties

The Description tab allows you to customize the text description of any step when it appears in the Steps Pane.

More on setting custom step description

Error Causes Properties

The Error Causes tab is part of AutoMate's Error Handling functionality which allows you to select / omit specific errors that will cause a particular step to fail.

More about error causes properties

On Error Properties

The On Error tab is part of AutoMate's Error Handling functionality which allows you to determine what the task should do if a particular step encounters an error.

More about on error properties

Notes

Datasets

A dataset is a multiple column, multiple row container object. This activity creates and populates a dataset containing a specific set of fields. The table below describes these fields (assuming the dataset name assigned was theDataset).

Name

Type

Return Value

theDataset.DBSecurityGroupDescription

Text

Returns the description of the security group.

theDataset.DBSecurityGroupName

Text

Returns the name of the RDS security group.

theDataset.EC2SecurityGroup

Text

Returns the name of the EC2 security group.

theDataset.IPRange

Text

Returns the IP range to allow access.

theDataset.OwnerId

Number

Returns the AWS account number of the owner of the EC2 security group (i.e. 123412341234).

 

Variables and Expressions

All text fields allow the use of expressions, which can be entered by surrounding the expression in percentage signs (example: %MYVARIABLE%, %Left('Text',2)%). To help construct these expressions, you can open Expression Builder from these fields by pressing F2.

More on variables
More on expressions

More on the expression builder

Example

NOTE: The code below can be copied and pasted directly into the Steps pane of the Task Builder.

 

Description: Create RDS security group "mygroup". Security group description is "test group". Store RDS security group information into dataset "theDataset". Use default RDS session.

 

<AMAWSRDS ACTIVITY="create_security_group" SECURITYGROUP="mygroup" GROUPDESC="test group" RESULTDATASET="theDataset" />

 

↑ Top of Page