AWS EC2 1.0.0
App Vendor: Amazon Web Services
Connector Category: IT Services
App Version in Orchestrate: 1.1.0
API Version: 1.0.0
About App
The Amazon Elastic Compute Cloud (Amazon EC2) app allows security analysts to integrate with the Amazon EC2 enterprise application to manage the AWS platform through actions related to managing images of EC2 instances, security groups and snapshots. By using this app, analysts can manage the Network ACL (which controls traffic to or from a subnet according to a set of inbound and outbound rules) and security groups (which acts as a virtual firewall for your instance to control the inbound and outbound traffic). You can set up network ACLs with rules similar to your security groups to add an additional layer of security to your Virtual Private Cloud (VPC).
The AWS EC2 app is configured with the Orchestrate application to perform the following actions:
Action | Description |
|---|---|
Describe NACL | This action describes one or more NACLs. |
Delete Network ACL Entry | This action deletes the specified ingress or egress entry (rule) from the specified NACL. |
Create IPv6 NACL Entry | This action creates an IPv6 Classless Inter-Domain Routing (CIDR ) entry (rule) in NACL with the specified rule number. |
Create IPv4 NACL Entry | This action creates an IPv4 Classless Inter-Domain Routing (CIDR ) entry (rule) in NACL with the specified rule number. |
Edit Security Groups | This action edits security groups using the query parameters. |
Describe Security Groups | This action retrieves details of the security groups in the specified region. |
Fetch Instances | This action retrieves instances of EC2 in the specified region. |
Run Instances | This action launches and runs instances using Amazon Machine Images (AMI). |
De-register an Image | This action deregisters an image using the image ID and region name. |
Delete a Snapshot | This action deletes a snapshot using the snapshot ID. |
Delete a Security Group | This action deletes a security group using the security group ID and region name. |
Create a Snapshot | This action creates a snapshot using the volume ID and a short description. |
Create a Security Group | This action creates a security group using a group name, VPC ID, and a short description. |
Create a New Image | This action creates a new image using the image name, description, instance ID, and region name. |
Configuration Parameters
The following configuration parameters are required for the AWS EC2 app to communicate with the AWS EC2 enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Access Key ID | Enter the Access Key ID for accessing the Endpoint. | Text | Required | |
Secret Access Key | Enter Secret Key for accessing the Endpoint. | Password | Optional |
Action: Describe NACL
This action retrieves details about one or more NACLs such as associated tags, list of entries, owner ID, associations, and other details about the network ACL.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
NACL ID List | Enter a list of NACL IDs to retrieve all the NACL details. Example: "acl-0bfb1c7d3af2fe699" | List | Required | |
Region Name | Enter the region name to use. | Text | Optional | Default value: us-west-2 |
Example Request
[
{
"region_name": "us-east-1",
"nacl_id_list": [
"acl-0bfb1c7d3af2fe699"
]
}
]Action: Delete Network ACL Entry
This action deletes the specified ingress or egress entry (rule) from the specified network ACL.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
NACL ID | Enter the NACL ID for which the NACL entry must be deleted. Example: "sampleacl-0bfb1c7d3af2fe699" | Text | Required | |
Egress | Enter if the NACL entry is egress or not. | Boolean | Required | Allowed values:
|
Rule Entry | Enter the rule number of NACL entry to delete. Example: 100 | Integer | Required | |
Region Name | Enter the region name to use. | Text | Optional | Default value: us-west-2 |
Example Request
[
{
"region_name": "us-east-1",
"nacl_id": "acl-0bfb1c7d3af2fe699",
"egress": "False",
"rule_number": "100"
}
]Action: Create IPv4 NACL Entry
This action creates an IPv4 CIDR (Classless Inter-Domain Routing) entry/rule in NACL with the specified rule number. After you add an entry, you cannot modify it. You must either replace it, or create an entry and delete the old one.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
NACL ID | Enter the NACL ID to add the CIDR entry. Example: "sampleacl-0bfb1c7d3af2fe699" | Text | Required | |
CIDR Block | Enter the IPv4 CIDR to add. Example: "10.10.1.1/24" | Text | Required | |
Egress | Enter if the IPv4 entry is egress or not. | Boolean | Required | Allowed values:
|
From Port | Enter the from port for the port range. Example: "22" | Integer | Required | |
To Port | Enter the to port for the port range. Example: "22" | Integer | Required | |
Rule Action | Enter the rule action to perform an allow or deny operation. Example: "allow" | Text | Required | Allowed values:
|
Rule Number | Enter the number to assign to the rule. This number is assigned as the unique identifier for the rule and can be referenced to get details about a rule. Example: "220" | Integer | Required | |
Protocol | Enter the protocol number to assign to the rule. Example: "-1" | Text | Required | |
Region Name | Enter the region name to use. | Text | Optional | Default value: us-west-2 |
Example Request
[
{
"egress": false,
"nacl_id": "acl-0bfb1c7d3af2fe699",
"to_port": 22,
"protocol": "-1",
"from_port": 22,
"cidr_block": "10.10.1.1/24",
"region_name": "us-east-1",
"rule_action": "deny",
"rule_number": 1008
}
]Action: Create IPv6 NACL Entry
This action creates an IPv6 CIDR (Classless Inter-Domain Routing) entry/rule in NACL with the specified rule number. After you add an entry, you cannot modify it. You must either replace it, or create an entry and delete the old one.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
NACL ID | Enter the NACL ID to add the CIDR entry. Example: "sampleacl-0bfb1c7d3af2fe699" | Text | Required | |
CIDR Block | Enter the IPv6 CIDR to add. Example: [2001:db8:1234:1a00::/64] | Text | Required | |
Egress | Enter if the IPv6 CIDR is egress or not. | Boolean | Required | Allowed values:
|
From Port | Enter the from port for the port range. Example: "22" | Integer | Required | |
To Port | Enter the to port for the port range. Example: "22" | Integer | Required | |
Rule Action | Enter the rule action to perform an allow or deny operation. Example: "allow" | Text | Required | Allowed values:
|
Rule Number | Enter the number to assign to the rule. This number is assigned as the unique identifier for the rule and can be referenced to get details about a rule. Example: "220" | Integer | Required | |
Protocol | Enter the protocol to assign to the rule. Example: "TCP" | Text | Required | |
Region Name | Enter the region name to use. | Text | Required | Default value: us-west-2 |
ICMP Code | Enter the ICMP code value used. Example: "3" | Integer | Required | |
ICMP Type | Enter the ICMP type to use. Example: "3" | Integer | Optional |
Example Request
[
{
"egress": false,
"nacl_id": "acl-0bfb1c7d3af2fe699",
"to_port": 22,
"protocol": "TCP",
"from_port": 22,
"cidr_block": "2001:db8:1234:1a00::/64",
"region_name": "us-east-1",
"rule_action": "block",
"rule_number": 1008,
"icmp_code": 3
}
]Action: Edit Security Groups
This action edits security groups using the query parameters.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Instance ID | Enter the instance ID. You can retrieve the instance ID using the Describe Security Groups action. Example: "87655" | Text | Optional | |
Security Group ID | Enter the security group ID. You can retrieve the instance ID using the Describe Security Groups action. Example: "sg-51530134" | Text | Optional |
Example Request
[
{
"instance_id": "87655",
"security_group_id": "sg-51530134"
}
]Action: Describe Security Groups
This action retrieves details of the security groups in a region.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Region name | Enter the region name to retrieve all the security groups. | Text | Optional | Default value: us-east-2 |
Example Request
[
{
"region_name": "us-east-2"
}
]Action: Fetch Instances
This action retrieves instances of EC2 in the specified region.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Region name | Enter the region name. Example: "us-east-2" | Text | Optional |
Example Request
[
{
"region_name": "us-east-2"
}
]Action: Run Instances
This action launches and runs instances using an Amazon Machine Image (AMI).
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Image ID | Enter the ID of the AMI which can be retrieved using CreateImage action. An AMI is required to launch an instance and must be specified here. Example: "ami-0148f346905f051c8" | Text | Required | |
Instance type | Enter the instance type. Example: "t2.small" | Text | Required | Default value:"m1.small" |
Security Group IDs | Enter one or more security group IDs. By default, Amazon EC2 uses the default security group. Example: "sg-0f1664aff1e44f3a2" | List | Required | |
Security Group | Enter the names of the security groups. For a non-default VPC, you must use security group IDs instead. Example: "samplesecuritygroup" | List | Required | |
Subnet ID | Enter the ID of the subnet to launch the instance into. Example: "subnet-b46032ec" | Text | Required | |
Block Device Mappings | Enter one or more block device mapping entries. A block device mapping defines the block devices to attach to an instance. Example: { 'DeviceName': "/dev/sdh", 'VirtualName': "ephemeral0" } | Key Value | Required | |
Minimum Count | Enter the minimum number of instances to launch. If the specified count is higher than the number of instances that Amazon EC2 can launch in the target availability zone, then Amazon EC2 launches no instances. Example: 10 | Integer | Required | |
Maximum Count | Enter the maximum number of instances to launch. If the specified count is more than the number of instances that Amazon EC2 can launch in the target availability zone, then the largest possible number of instances above the minimum count is launched. Example: 10 | Integer | Required | |
Region name | Enter the region name. Example: "us-east-1". | Text | Optional |
Example Request
[
{
"image_id": "ami-0148f346905f051c8",
"instance_type": "t2.small",
"security_group_ids": "sg-0f1664aff1e44f3a2",
"security_groups": "samplesecuritygroup",
"subnet_id": "subnet-b46032ec",
"block_device_mappings":
{
'DeviceName': "/dev/sdh",
'VirtualName': "ephemeral0"
},
"min_count": "10",
"max_count": "10",
"region_name": "us-east-1"
}
]Action: De-register an Image
This action deregisters an image using the image ID and region name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Image ID | Enter the image ID to deregister. Example: "ami-0eab20fe36f83e1a8" | Text | Required | |
Region name | Enter the region name. Example: "us-east-2" | Text | Optional |
Example Request
[
{
"image_id": "ami-0eab20fe36f83e1a8",
"region_name": "us-east-2"
}
]Action: Delete a Snapshot
This action deletes a snapshot using the snapshot ID.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Snapshot ID | Enter the snapshot ID. Example: "snap0101276" | Text | Required | |
Region name | Enter the region name. Example: "us-east-2" | Text | Optional |
Example Request
[
{
"snapshot_id": "snap0101276",
"region_name": "us-east-2"
}
]Action: Delete a Security Group
This action deletes a security group using the security group ID.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Security Group ID | Enter the security group ID. Example: "sg-0f1664aff1e44f3a2" | Text | Required | |
Region name | Enter the region name. Example: "us-east-1" | Text | Optional |
Example Request
[
{
"group_id": "sg-0f1664aff1e44f3a2",
"region_name": "us-east-1"
}
]Action: Create a Snapshot
This action creates a snapshot using volume ID in the specified region with a short description.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Volume ID | Enter the volume ID to create the snapshot. Example: "vol-1234567890" | Text | Required | |
Snapshot description | Enter the description for a snapshot. Example: "Sample snapshot" | Text | Required | |
Region name | Enter the region name. Example: "us-east-2" | Text | Optional |
Example Request
[
{
"vloume_id": "vol-1234567890",
"description": "Sample snapshot to create",
"region_name": "us-east-2"
}
]Action: Create a Security Group
This action creates a security group using a group name, VPC ID, and a short description.
Action Input Parameters
Parameter | Description | Field Name | Required/Optional | Comments |
|---|---|---|---|---|
Description | Enter the description for the security group. Example: "TestSecurityGroup" | Text | Optional | |
Group name | Enter the security group name. Example: "WebServerSG" | Text | Required | |
VPC ID | Enter the VCP ID. Example: "vpc-3325caf2" | Text | Required | |
Region name | Enter the region name. Example: "us-east-2" | Text | Optional |
Example Request
[
{
"description": "TestSecurityGroup",
"group_name": "WebServerSG",
"vpc_id": "vpc-3325caf2",
"region_name": "us-east-2"
}
]Action: Create a New Image
This action creates a new image using the image name, description, instance ID, and region name.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Image description | Enter the description for the image. Example: "Test image" | Text | Required | |
Instance ID | Enter the instance ID. Example: "i-1234567890abcdef0" | Text | Required | |
Image name | Enter the Image name. Example: "ami-4fa54026" | Text | Required | |
Region name | Enter the region name. Example: "us-east-1" | Text | Optional |
Example Request
[
{
"description": "Test image",
"instance_id": "i-1234567890abcdef0",
"image_name": "ami-4fa54026",
"region_name": "us-east-1"
}
]Action Response Parameters
Parameter | Type | Description |
|---|---|---|
ImageId | String | The unique identifier for the image. |