When running the below code, I get the error message
InvalidGroup.NotFound The security group 'OddName' does not exist in default VPC 'vpc-2468'
That is the correct VPC name, but not the VPC ID that would be seen when looking at sg-1357. This is reported as a request error (`awserr.RequestFailure`), not just a generic AWS error, so the call is getting at least that far.
From the command line this works:
aws ec2 authorize-security-group-ingress --group-id sg-1357 --cidr 127.0.0.1/32 --protocol tcp --port 443
And I can confirm the ip has been added.
The following code, modified from the SDK's example code on GitHub, produces the default VPC error:
// ExampleEC2_AuthorizeSecurityGroupIngress sends one
// AuthorizeSecurityGroupIngress request, built from the SDK's generated
// example with the group, CIDR and port fields filled in, and prints the
// error (if any) followed by the response.
//
// NOTE(review): the request identifies the group twice, by GroupID and by
// GroupName. The EC2 API documents GroupName as valid only for EC2-Classic
// and default-VPC groups, and requires the group ID for a group in a
// non-default VPC. The "does not exist in default VPC" error is consistent
// with the name being looked up there. The working CLI call passes only
// --group-id, so sending GroupID alone is the first thing to try.
func ExampleEC2_AuthorizeSecurityGroupIngress() {
	client := ec2.New(nil)

	// Template rule carried over from the generated example: every "String"
	// and every 1 here is placeholder filler, not a real protocol, CIDR,
	// prefix list or group reference.
	// NOTE(review): the same request also describes a rule through the
	// top-level CIDRIP/FromPort/ToPort/IPProtocol fields; the CLI call
	// describes exactly one rule. Send one form only, so the rule that gets
	// opened is the rule that was reviewed.
	templateRule := &ec2.IPPermission{
		FromPort:   aws.Long(1),
		IPProtocol: aws.String("String"),
		IPRanges: []*ec2.IPRange{
			{CIDRIP: aws.String("String")},
		},
		PrefixListIDs: []*ec2.PrefixListID{
			{PrefixListID: aws.String("String")},
		},
		ToPort: aws.Long(1),
		UserIDGroupPairs: []*ec2.UserIDGroupPair{
			{
				GroupID:   aws.String("String"),
				GroupName: aws.String("String"),
				UserID:    aws.String("String"),
			},
		},
	}

	input := &ec2.AuthorizeSecurityGroupIngressInput{
		// The CLI call used 127.0.0.1/32; this value has no prefix length.
		CIDRIP: aws.String("127.0.0.1"),
		// Dry run: asks the service to check the call without applying it
		// (the CLI call above did not request a dry run).
		DryRun:        aws.Boolean(true),
		FromPort:      aws.Long(443),
		GroupID:       aws.String("sg-1357"),
		GroupName:     aws.String("OddName"),
		IPPermissions: []*ec2.IPPermission{templateRule},
		// Still the template placeholder; the CLI call used "tcp".
		IPProtocol:                 aws.String("String"),
		SourceSecurityGroupName:    aws.String("String"),
		SourceSecurityGroupOwnerID: aws.String("String"),
		ToPort:                     aws.Long(443),
	}

	out, err := client.AuthorizeSecurityGroupIngress(input)
	if err != nil {
		awsErr, isAWSErr := err.(awserr.Error)
		if !isAWSErr {
			// Not expected: the SDK is supposed to return errors that
			// satisfy awserr.Error.
			fmt.Println(err.Error())
		} else {
			// Generic AWS error: code, message and the wrapped error, if any.
			fmt.Println(awsErr.Code(), awsErr.Message(), awsErr.OrigErr())
			if reqErr, isReqErr := err.(awserr.RequestFailure); isReqErr {
				// The service answered with a failure.
				// ERROR GETS REPORTED HERE
				fmt.Println(reqErr.Code(), reqErr.Message(), reqErr.StatusCode(), reqErr.RequestID())
			}
		}
	}

	// Pretty-print the response; this line runs on the error path as well.
	fmt.Println(awsutil.StringValue(out))
}