EC2 / Paginator / DescribeSecurityGroupRules


class EC2.Paginator.DescribeSecurityGroupRules#
paginator = client.get_paginator('describe_security_group_rules')

Creates an iterator that will paginate through responses from EC2.Client.describe_security_group_rules().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
            'Name': 'string',
            'Values': [
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
  • Filters (list) –

    One or more filters.

    • group-id - The ID of the security group.

    • security-group-rule-id - The ID of the security group rule.

    • tag:<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.

    • (dict) –

      A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

      If you specify multiple filters, the filters are joined with an AND, and the request returns only results that match all of the specified filters.

      • Name (string) –

        The name of the filter. Filter names are case-sensitive.

      • Values (list) –

        The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR, and the request returns all results that match any of the specified values.

        • (string) –

  • SecurityGroupRuleIds (list) –

    The IDs of the security group rules.

    • (string) –

  • DryRun (boolean) – Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:



Response Syntax

    'SecurityGroupRules': [
            'SecurityGroupRuleId': 'string',
            'GroupId': 'string',
            'GroupOwnerId': 'string',
            'IsEgress': True|False,
            'IpProtocol': 'string',
            'FromPort': 123,
            'ToPort': 123,
            'CidrIpv4': 'string',
            'CidrIpv6': 'string',
            'PrefixListId': 'string',
            'ReferencedGroupInfo': {
                'GroupId': 'string',
                'PeeringStatus': 'string',
                'UserId': 'string',
                'VpcId': 'string',
                'VpcPeeringConnectionId': 'string'
            'Description': 'string',
            'Tags': [
                    'Key': 'string',
                    'Value': 'string'


Response Structure

  • (dict) –

    • SecurityGroupRules (list) –

      Information about security group rules.

      • (dict) –

        Describes a security group rule.

        • SecurityGroupRuleId (string) –

          The ID of the security group rule.

        • GroupId (string) –

          The ID of the security group.

        • GroupOwnerId (string) –

          The ID of the Amazon Web Services account that owns the security group.

        • IsEgress (boolean) –

          Indicates whether the security group rule is an outbound rule.

        • IpProtocol (string) –

          The IP protocol name ( tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).

          Use -1 to specify all protocols.

        • FromPort (integer) –

          If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).

        • ToPort (integer) –

          If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).

        • CidrIpv4 (string) –

          The IPv4 CIDR range.

        • CidrIpv6 (string) –

          The IPv6 CIDR range.

        • PrefixListId (string) –

          The ID of the prefix list.

        • ReferencedGroupInfo (dict) –

          Describes the security group that is referenced in the rule.

          • GroupId (string) –

            The ID of the security group.

          • PeeringStatus (string) –

            The status of a VPC peering connection, if applicable.

          • UserId (string) –

            The Amazon Web Services account ID.

          • VpcId (string) –

            The ID of the VPC.

          • VpcPeeringConnectionId (string) –

            The ID of the VPC peering connection (if applicable).

        • Description (string) –

          The security group rule description.

        • Tags (list) –

          The tags applied to the security group rule.

          • (dict) –

            Describes a tag.

            • Key (string) –

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

            • Value (string) –

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.