Amazon RDS - List security groups
Declaration
<AMAWSRDS ACTIVITY="list_security_groups" RESULTDATASET="text" SECURITYGROUP="text" MARKER="number" MAXRECORDS="number" ACCESSKEY="text" SECRETKEY="text (encrypted)" SERVICEURL="text" PROXYHOST="text" USERAGENT="text" PROXYPORT="number" PROXYUSER="text" PROXYPWD="text (encrypted)" MAXERRORRETRY="number" SIGNMETHOD="text" SIGNVERSION="number" />
Description
Retrieves existing security groups and populates a dataset with information such as group name, IP address, Owner ID and much more.
IMPORTANT: Automate's RDS activities
are performed using Amazon's Relational
Database Service engine, therefore, administering
Amazon RDS through Automate requires a valid Access Key ID and
Secret Access Key.
Practical usage
Used to gather information regarding a list of existing security groups. Use the Amazon RDS - Create security group activity to create a new security group.
Parameters
Connection
| Property | Type | Required | Default | Markup | Description |
|---|---|---|---|---|---|
| Connection | --- | --- | --- | --- | Indicates
where Amazon Web Service user credentials and preferences should
originate from. This is a design mode parameter used only during
task construction and configuration, thus, comprises no markup.
The available options are:
|
Connection - Session
| Property | Type | Required | Default | Markup | Description |
|---|---|---|---|---|---|
| Session | Text | Yes, if Connection is set to Session | EC2Session1 | SESSION="RDSSession1" | The name of an existing session to attach this activity to. This parameter is active only if the Connection parameter is set to Session. The default session name is RDSSession1. |
Connection - Host > Credentials
| Property | Type | Required | Default | Markup | Description |
|---|---|---|---|---|---|
| Access key | Text | Yes, if Connection is set to Host | (Empty) | ACCESSKEY="022QF06E7MXBSH9DHM02" | A 20-character alphanumeric string that uniquely identifies the owner of the AWS service account, similar to a username. This key along with a corresponding secret access key forms a secure information set that AWS uses to confirm a valid user's identity. This parameter is active only if the Connection parameter is set to Host. |
| Secret access key | Text | Yes, if Connection is set to Host | (Empty) | SECRETKEY="kWcrlUX5JEDGM/LtmEENI/aVmYvHNif5zB+d9+ct" | A 40-character string that serves the role as password to access the AWS service account. This along with an associated access key forms a secure information set that EC2 uses to confirm a valid user's identity. This parameter is active only if the Connection parameter is set to Host. |
Connection - Host > Advanced
| Property | Type | Required | Default | Markup | Description |
|---|---|---|---|---|---|
| User agent | Text | No | Automate | USERAGENT="Automate" | The name of the client or application initiating requests to AWS. The default value is Automate. |
| Maximum number of retries on error | Number | No | (Empty) | MAXERRORRETRY="4" | The total amount of times this activity should retry its request to the server before returning an error. Network components can generate errors anytime in the life of a request, thus, implementing retries can increase reliability. |
| Service URL | Text | No | (Empty) | SERVICEURL="https://rds.eu-west-1.amazonaws.com" | The URL that provides the service endpoint. To make the service call to a different region, you can pass the region-specific endpoint URL. For example, entering https://rds.us-west-1.amazonaws.com points to US West (Northern California) region. A complete list of EC2 regions, accompanying endpoints and valid protocols can be found below under RDS endpoints and regions . |
| Proxy host | Text | No | (Empty) | PROXYHOST="proxy.host.com" | The hostname (for example, server.domain.com) or IP address (for example, xxx.xxx.xxx.xxx) of the proxy server to use when connecting to AWS. |
| Proxy port | Number | No | (Empty) | PROXYPORT="1028" | The port that should be used to connect to the proxy server. |
| Proxy username | Text | No | (Empty) | PROXYUSER="username" | The username that should be used to authenticate connection with the proxy server (if required). |
| Proxy password | Text | No | (Empty) | PROXYPWD="encrypted" | The password that should be used to authenticate connection with the proxy server (if required). |
| Signature method | Text | No | (Empty) | SIGNMETHOD="HmacSHA256" | The signature method to use for signing the request. This provides a valid hashing algorithm for signature calculation. Valid AWS signature methods are HmacSHA1 and HmacSHA256. |
| Signature version | Number | No | (Empty) | SIGNVERSION="2" | The signature version for signing the request. Valid AWS signature versions are 2 and 4. The difference with version 4 is that it allows you to sign your message using a key that is derived from your secret access key rather than using the secret access key itself. |
Security Group
| Property | Type | Required | Default | Markup | Description |
|---|---|---|---|---|---|
| Create and populate dataset with security group information | Text Options | Yes | (Empty) | RESULTDATASET="mydataset" | The name of the dataset to create and populate with information about the list of RDS security groups retrieved. More information about the individual fields this dataset creates can be found below under Datasets |
Advanced
| Property | Type | Required | Default | Markup | Description |
|---|---|---|---|---|---|
| Group name | Text | Yes | (Empty) | SECURITYGROUP="MyDBGroup" | The name of the Amazon RDS security group. |
| Marker (optional) | Number | No | (Empty) | MARKER="1" | Specifies the marker property; an identifier returned to allow retrieval of paginated results. |
| Maximum records (optional) | Number | No | (Empty) | MAXRECORDS="100" | The maximum number of records to be returned. Default maximum value is 100. |
Additional notes
RDS endpoints and regions
This table contains a complete list of Amazon Relational Database Service endpoints, along with their corresponding regions and supported protocols.
| Endpoint | Region | Protocol |
|---|---|---|
| rds.us-east-1.amazonaws.com | US East (Northern Virginia) Region | HTTP and HTTPS |
| rds.us-west-2.amazonaws.com | US West (Oregon) Region | HTTP and HTTPS |
| rds.us-west-1.amazonaws.com | US West (Northern California) Region | HTTP and HTTPS |
| rds.eu-west-1.amazonaws.com | EU (Ireland) Region | HTTP and HTTPS |
| rds.ap-southeast-1.amazonaws.com | Asia Pacific (Singapore) Region | HTTP and HTTPS |
| rds.ap-southeast-2.amazonaws.com | Asia Pacific (Sydney) Region | HTTP and HTTPS |
| rds.ap-northeast-1.amazonaws.com | Asia Pacific (Tokyo) Region | HTTP and HTTPS |
| rds.sa-east-1.amazonaws.com | South America (Sao Paulo) Region | HTTP and HTTPS |
Datasets
A dataset is a multiple column, multiple row container object. This activity creates and populates a dataset containing a specific set of fields. The table below describes these fields (assuming the dataset name assigned was theDataset).
| Name | Type | Return Value |
|---|---|---|
| theDataset.DBSecurityGroupDescription | Text | Returns the description of the security group. |
| theDataset.DBSecurityGroupName | Text | Returns the name of the RDS security group. |
| theDataset.EC2SecurityGroup | Text | Returns the name of the EC2 security group. |
| theDataset.IPRange | Text | Returns the IP range to allow access. |
| theDataset.OwnerId | Number | Returns the AWS account number of the owner of the EC2 security group (for example, 123412341234). |
Example
NOTE:
- Copy and paste the sample AML code below directly into the Task Builder Steps Panel.
- To successfully run the sample code, update parameters containing user credentials, files, file paths, or other information specific to the task to match your environment.
Description
This sample task gets a list of RDS security groups and then creates and populates a dataset with the results.
Copy
<AMAWSRDS ACTIVITY="list_security_groups" MAXRECORDS="10" RESULTDATASET="myDataset" />