Golang AWS SDK - AuthorizeSecurityGroupIngress

I’m trying to add a description to each ingress rule in the security group and I’m not sure how. If someone would be so kind as to help, I’d be grateful.

Thanks,

-------------------------CODE---------------------
package main

import (
	"encoding/hex"
	"fmt"
	"io"
	"io/ioutil"
	"net"
	"net/http"
	"os"
	"strings"
	"time"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/credentials"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/ec2"
)

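// exitErrorf formats msg with args, writes the result to stderr followed by a
// newline, and terminates the process with exit status 1.
func exitErrorf(msg string, args ...interface{}) {
	fmt.Fprintf(os.Stderr, msg+"\n", args...)
	// os.Exit does not run deferred calls, so callers must not rely on
	// defers for cleanup once this function is invoked.
	os.Exit(1)
}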

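// get fetches url with an HTTP GET and returns the response body as a string.
//
// The request is bounded by a timeout, any status other than 200 is returned
// as an error, and only the first 1 MiB of the body is read. On error the
// returned string is empty.
func get(url string) (string, error) {
	// http.Get uses the default client, which has no timeout; a stalled
	// endpoint would otherwise hang the program indefinitely.
	client := &http.Client{Timeout: 10 * time.Second}

	response, err := client.Get(url)
	if err != nil {
		return "", err
	}
	defer response.Body.Close()

	// An error page must not be handed back as if it were the requested
	// content: the caller turns this body into a firewall rule.
	if response.StatusCode != http.StatusOK {
		return "", fmt.Errorf("GET %s: unexpected status %s", url, response.Status)
	}

	// Cap the read so an oversized response cannot exhaust memory.
	const maxBody = 1 << 20
	contents, err := ioutil.ReadAll(io.LimitReader(response.Body, maxBody))
	if err != nil {
		return "", err
	}
	return string(contents), nil
}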

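// main authorizes inbound TCP 80 and 443 on one security group for the
// caller's current public IPv4 address, as reported by checkip.amazonaws.com.
//
// AWS credentials are read from the environment (AWS_ACCESS_KEY_ID and
// AWS_SECRET_ACCESS_KEY) instead of being written as string literals, which
// would end up in version control and in every copy of the binary.
func main() {
	var securityGroupID = "sg-3434xxx"

	// The reported address is written into a security-group rule, so the
	// lookup goes over HTTPS and a failed lookup stops the program instead
	// of being overwritten by the next assignment to err.
	wanIPAddress, err := get("https://checkip.amazonaws.com/")
	if err != nil {
		exitErrorf("Unable to determine public ip address: %v", err)
	}

	// Accept only a well-formed IPv4 address before building the /32 CIDR;
	// anything else in the response must never reach the ingress rule.
	ipText := TrimSpaceNewlineInString(wanIPAddress)
	parsed := net.ParseIP(ipText)
	if parsed == nil || parsed.To4() == nil {
		exitErrorf("Unexpected response from ip lookup: %q", ipText)
	}
	cidr := parsed.To4().String() + "/32"

	sess, err := session.NewSession(&aws.Config{
		Region:      aws.String("us-east-1"),
		Credentials: credentials.NewEnvCredentials(),
	})
	if err != nil {
		exitErrorf("Error creating session: %v", err)
	}

	svc := ec2.New(sess)

	_, err = svc.AuthorizeSecurityGroupIngress(&ec2.AuthorizeSecurityGroupIngressInput{
		//GroupName: aws.String(*namePtr),
		GroupId: aws.String(securityGroupID),
		IpPermissions: []*ec2.IpPermission{
			// Can use setters to simplify setting multiple values without
			// needing to use aws.String or associated helper utilities.
			(&ec2.IpPermission{}).
				SetIpProtocol("tcp").
				SetFromPort(80).
				SetToPort(80).
				SetIpRanges([]*ec2.IpRange{
					{CidrIp: aws.String(cidr)},
				}),
			(&ec2.IpPermission{}).
				SetIpProtocol("tcp").
				SetFromPort(443).
				SetToPort(443).
				SetIpRanges([]*ec2.IpRange{
					{CidrIp: aws.String(cidr)},
				}),
		},
	})
	if err != nil {
		// Include the API error; without it the failure cannot be diagnosed.
		exitErrorf("Unable to set security group ingress for ip %s: %v", ipText, err)
	}

	fmt.Printf("Successfully set security group ingress for ip %s\n", ipText)
}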

Figured I'd come back and answer the question in case others are interested. Description should be added after the CidrIp, inside the same ec2.IpRange element. See below:

// Build one ingress permission per port. Description is a field of the same
// ec2.IpRange element that carries CidrIp, so every /32 entry records which
// host it was opened for and stale entries can be identified and revoked.
// NOTE(review): hostname is not declared in the listing above; the
// surrounding code has to provide it (presumably via os.Hostname) — confirm.
var permissions []*ec2.IpPermission
for _, port := range []int64{80, 443} {
	permissions = append(permissions, &ec2.IpPermission{
		IpProtocol: aws.String("tcp"),
		FromPort:   aws.Int64(port),
		ToPort:     aws.Int64(port),
		IpRanges: []*ec2.IpRange{
			{
				CidrIp:      aws.String(TrimSpaceNewlineInString(wanIPAddress) + "/32"),
				Description: aws.String(hostname),
			},
		},
	})
}

_, err = svc.AuthorizeSecurityGroupIngress(&ec2.AuthorizeSecurityGroupIngressInput{
	//GroupName: aws.String(*namePtr),
	GroupId:       aws.String(securityGroupID),
	IpPermissions: permissions,
})
