Closed manuelh2410 closed 2 years ago
Hi @manuelh2410,
Good morning.
Thanks for posting the question. As pointed by the TagSpecification documentation, SecurityGroupRule
doesn't appear to be the correct value for ResourceType
. The correct value is security-group-rule
.
Upon going through the AWS SDK for .NET documentation for ResourceType (this is accessible through Grant-EC2SecurityGroupIngress when viewing reference for TagSpecification), it appears the better alternative would be to use [Amazon.EC2.ResourceType]::SecurityGroupRule
constant. For example,
$Tag = New-Object Amazon.EC2.Model.Tag
$Tag.Key = "AWSIP"
$Tag.Value = "AWSIP"
$Tagspec = New-Object Amazon.EC2.Model.TagSpecification
$Tagspec.Tags = $Tag
$Tagspec.ResourceType = [Amazon.EC2.ResourceType]::SecurityGroupRule
The output of [Amazon.EC2.ResourceType]::SecurityGroupRule
is:
Value
-----
security-group-rule
Hope this helps.
Thanks, Ashish
this is not mentioned anywhere and the documentation for that parameter clearly points to : [1] https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/TResourceType.html [2] https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/TTagSpecification.html
The documentation also states that the value should be of type "String" and not trough a .net class
https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/TResourceType.html
@manuelh2410 Here is the guidance from the documentation:
-TagSpecification
parameter of type TagSpecification[].ResourceType
property as of type Amazon.EC2.ResourceTypeConstants used for properties of type ResourceType.
.You may use the string security-group-rule
(as noted in API documentation for TagSpecification) (this works due to operator overloading) or the constant represented by [Amazon.EC2.ResourceType]::SecurityGroupRule
(kindly note that this is the PowerShell syntax to use static fields). Also note that even though the API documentation for TagSpecification lists the allowed and expected values as string, all the SDKs would use some kind of constant class to map to the string values and would actually send the expected string value in the service API call.
Hope this helps. Closing this issue since no action is required on the AWS .NET SDK or AWS Tools for PowerShell.
Comments on closed issues are hard for our team to see. If you need more assistance, please either tag a team member or open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so.
## Description https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/TResourceType.html is not accurate , or incompatible with the "-TagSpecification" switch for the "Grant-EC2SecurityGroupIngress Cmdlet"
According to the documentation [1] [2] you should be able to use the "SecurityGroupRule" resource type when configuring the "Tags" property of the TagSpecification ( Amazon.EC2.Model.TagSpecification ) Object .
Documentation: [1] https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/TResourceType.html [2] https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/EC2/TTagSpecification.html
Reproduction Steps
Failed request: $MYIP = "1.1.1.1/32" $RDP = "sg-0e16d7026f5276778" $ip2 = @{ IpProtocol="tcp"; FromPort="3389"; ToPort="3389"; IpRanges="$MYIP"} $Tag = New-Object Amazon.EC2.Model.Tag $Tag.Key = "AWSIP" $Tag.Value = "AWSIP" $Tagspec = New-Object Amazon.EC2.Model.TagSpecification $Tagspec.Tags = $Tag $Tagspec.ResourceType = "SecurityGroupRule" Grant-EC2SecurityGroupIngress -GroupId $RDP -IpPermission @($Ip2) -TagSpecification $Tagspec
PS /home/username/Documents/Vscode_Repos/public> Grant-EC2SecurityGroupIngress -GroupId $RDP -IpPermission @($Ip2) -TagSpecification $Tagspec
Grant-EC2SecurityGroupIngress: 'SecurityGroupRule' is not a valid taggable resource type for this operation. PS /home/username/Documents/Vscode_Repos/public>
Environment
Linux 5.11.0-38-generic #42~20.04.1-Ubuntu SMP Tue Sep 28 20:41:07 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux Ubuntu 20.04.3 LTS x64
Name Value
PSVersion 7.1.5 PSEdition Core GitCommitId 7.1.5 OS Linux 5.11.0-38-generic #42~20.04.1-Ubuntu SMP Tue Sep 28 20:41:07 UTC 2021 Platform Unix PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…} PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1 WSManStackVersion 3.0
Resolution
Used API Tag Specification . https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_TagSpecification.html $Tagspec.ResourceType = "Security-Group-Rule" PS /home/username/Documents/Vscode_Repos/public> Grant-EC2SecurityGroupIngress -GroupId $RDP -IpPermission @($Ip2) -TagSpecification $Tagspec
Result :
Return SecurityGroupRules
True {sg-0e16d7026f5276778}
This is a :bug: bug-report