Amazon RDS - List security groups

Declaration

<AMAWSRDS ACTIVITY="list_security_groups" RESULTDATASET="text" SECURITYGROUP="text" MARKER="number" MAXRECORDS="number" ACCESSKEY="text" SECRETKEY="text (encrypted)" SERVICEURL="text" PROXYHOST="text" USERAGENT="text" PROXYPORT="number" PROXYUSER="text" PROXYPWD="text (encrypted)" MAXERRORRETRY="number" SIGNMETHOD="text" SIGNVERSION="number" />

Related Topics   

Description

Retrieves existing security groups and populates a dataset with information such as group name, IP address, Owner ID and much more.

IMPORTANT: Automate's RDS activities are performed using Amazon's Relational Database Service engine, therefore, administering Amazon RDS through Automate requires a valid Access Key ID and Secret Access Key.

Practical Usage

Used to gather information regarding a list of existing security groups. Use the Create security group activity to create a new security group.

Parameters

connection

Property

Type

Required

Default

Markup

Description

Connection

---

---

---

---

Indicates where Amazon Web Service user credentials and preferences should originate from. This is a design mode parameter used only during task construction and configuration, thus, comprises no markup. The available options are:

  • Host (default) - Specifies that user credentials and/or advanced preferences are configured individually for this activity. This option is normally chosen if only a single activity is required to complete an operation.

  • Session - Specifies that user credentials and/or advanced preferences are obtained from a pre-configured session created in an earlierstep with the use of the RDS - Create session activity. This option is normally chosen if a combination of related activities are required to complete an operation. Linking several activities to a single session eliminates redundancy. Additionally, a single task supports construction and simultaneous execution of multiple sessions, improving efficiency.

Session

Text

Yes if connection is session-based

RDSSession1

SESSION="RDSSession1"

The name of an existing session to attach this activity to. This parameter is active only if the Connection parameter is set to Session. The default session name is 'RDSSession1'.

Access key

Text

Yes if connection is host-based

(Empty)

ACCESSKEY=

"022QF06E7MXBSH9DHM02"

A 20-character alphanumeric string that uniquely identifies the owner of the AWS service account, similar to a username. This key along with a corresponding secret access key forms a secure information set that AWS uses to confirm a valid user's identity. This parameter is active only if the Connection parameter is set to Host.

Secret Access key

Text

Yes if connection is host-based

(Empty)

SECRETKEY=

"kWcrlUX5JEDGM/LtmEENI/

aVmYvHNif5zB+d9+ct"

A 40-character string that serves the role as password to access the AWS service account. This along with an associated access key forms a secure information set that EC2 uses to confirm a valid user's identity. This parameter is active only if the Connection parameter is set to Host.

User agent

Text

No

Automate

USERAGENT="Automate"

The name of the client or application initiating requests to AWS. The default value is 'Automate'. 

Maximum retry on error

Number

No

(Empty)

MAXERRORRETRY="4"

The total amount of times this activity should retry its request to the server before returning an error. Network components can generate errors anytime in the life of a request, thus, implementing retries can increase reliability. 

Service URL

Text

No

(Empty)

SERVICEURL=

"https://rds.eu-west-1.amazonaws.com"

The URL that provides the service endpoint. To make the service call to a different region, you can pass the region-specific endpoint URL. For example, entering  https://rds.us-west-1.amazonaws.com points to US West (Northern California) region. A complete list of EC2 regions, accompanying endpoints and valid protocols can be found below under RDS Endpoints and Regions.

Proxy host

Text

No

(Empty)

PROXYHOST="proxy.host.com"

The host name (i.e. server.domain.com) or IP address (i.e. xxx.xxx.xxx.xxx) of the proxy server to use when connecting to AWS.  

Proxy port

Number

No

(Empty)

PROXYPORT="1028"

The port that should be used to connect to the proxy server.

Proxy username

Text

No

(Empty)

PROXYUSER="username"

The username that should be used to authenticate connection with the proxy server (if required).

Proxy password

Text

No

(Empty)

PROXYPWD="encrypted"

The password that should be used to authenticate connection with the proxy server (if required).

Signature method

Text

No

(Empty)

SIGNMETHOD="HmacSHA256"

The signature method to use for signing the request. This provides a valid hashing algorithm for signature calculation. Valid AWS signature methods are HmacSHA1 and HmacSHA256.

Signature version

Number

No

(Empty)

SIGNVERSION="2"

The signature version for signing the request. Valid AWS signature versions are 2 and 4. The difference with version 4 is that it allows you to sign your message using a key that is derived from your secret access key rather than using the secret access key itself.

Security Group

Property

Type

Required

Default

Markup

Description

Create and populate dataset with security group information

Text Options

Yes

(Empty)

RESULTDATASET="mydataset"

The name of the dataset to create and populate with information about the list of RDS security groups retrieved. More information about the individual fields this dataset creates can be found below under Datasets.

advanced

Property

Type

Required

Default

Markup

Description

Group name

Text

Yes

(Empty)

SECURITYGROUP="MyDBGroup"

The name of the Amazon RDS security group.

Marker (optional)

Number

No

(Empty)

MARKER="1"

Specifies the marker property; an identifier returned to allow retrieval of paginated results.

Maximum records (optional)

Number

No

(Empty)

MAXRECORDS="100"

The maximum number of records to be returned. Default maximum value is 100.

 

Description

Error Causes

On Error

Additional notes

RDS endpoints and regions

This table contains a complete list of Amazon Relational Database Service endpoints, along with their corresponding regions and supported protocols.

Endpoint

Region

Protocol

rds.us-east-1.amazonaws.com

US East (Northern Virginia) Region

HTTP and HTTPS

rds.us-west-2.amazonaws.com

US West (Oregon) Region

HTTP and HTTPS

rds.us-west-1.amazonaws.com

US West (Northern California) Region

HTTP and HTTPS

rds.eu-west-1.amazonaws.com

EU (Ireland) Region

HTTP and HTTPS

rds.ap-southeast-1.amazonaws.com

Asia Pacific (Singapore) Region

HTTP and HTTPS

rds.ap-southeast-2.amazonaws.com

Asia Pacific (Sydney) Region

HTTP and HTTPS

rds.ap-northeast-1.amazonaws.com

Asia Pacific (Tokyo) Region

HTTP and HTTPS

rds.sa-east-1.amazonaws.com

South America (Sao Paulo) Region

HTTP and HTTPS

Datasets

A dataset is a multiple column, multiple row container object. This activity creates and populates a dataset containing a specific set of fields. The table below describes these fields (assuming the dataset name assigned was theDataset).

Name

Type

Return Value

theDataset.DBSecurityGroupDescription

Text

Returns the description of the security group.

theDataset.DBSecurityGroupName

Text

Returns the name of the RDS security group.

theDataset.EC2SecurityGroup

Text

Returns the name of the EC2 security group.

theDataset.IPRange

Text

Returns the IP range to allow access.

theDataset.OwnerId

Number

Returns the AWS account number of the owner of the EC2 security group (i.e. 123412341234).

Example

NOTE:
  • The sample AML code below can be copied and pasted directly into the Steps Panel of the Task Builder.
  • Parameters containing user credentials, files, file paths, and/or other information specific to the task must be customized before the sample code can run successfully.

Description

Get list of RDS security groups and store it into dataset "myDataset". Max records is "10". Use default RDS session.

 

 

<AMAWSRDS ACTIVITY="list_security_groups" MAXRECORDS="10" RESULTDATASET="myDataset" />