ec2_group with port range?

ghexsel · April 11, 2014, 12:01am

Is there a way to define an ec2_group with port ranges, or maybe allow all ports for the security group? There is one example with a protocol of “all” which the code seems to map to -1, but if I use it, I get the following:

…

boto.exception.EC2ResponseError: EC2ResponseError: 400 Bad Request

…
InvalidPermission.MalformedUnsupported IP protocol “-1” - supported: [tcp, udp, icmp]
…

I also tried to define the ports as None (which the code seemed to be doing for that “all” protocol, but I got a
…
InvalidParameterValueInvalid integer value None

…

Is there a work-around?

Michael_DeHaan1 · April 15, 2014, 9:02pm

Saw you opened an RFE on this one: https://github.com/ansible/ansible/issues/6903

Not sure the API supports this or not – any users of this know?

ghexsel · April 16, 2014, 2:03am

Not sure if it matters, but the ec2_group help page does mention an “all” setting, it just doesn’t seem to be working.

Topic		Views
ec2 group module, support for icmp protocol Ansible Project	7	February 17, 2015
ec2_group fails if security group already exists Ansible Project	2	June 5, 2015
ec2_group with permit all Ansible Project aws	0	December 9, 2016
ec2_group fails if security group already exists Ansible Project	0	June 5, 2015
Possible bug in repeated runs of ec2_group module with wide-open rule Ansible Project aws	2	June 19, 2014

ec2_group with port range?

Related topics