Closed arturmartins closed 9 years ago
TL:DR Security groups must be referred by Group name (my-security-group) not by ID (sg-xxxxxxx).
The way I learned to understand how boto "sees" the security groups was by running this code:
import boto.ec2
conn = boto.ec2.connect_to_region("THE-REGION-HERE")
conn.get_all_security_groups()
Reference: http://boto.readthedocs.org/en/latest/ref/ec2.html#module-boto.ec2.securitygroup
My previous comment is actually incorrect for a VPC setup.
Security groups in EC2 Classic should be referred by Group Name. Security groups in VPC must be referred by ID.
What I was doing wrong in the first place was that I did not include the "aws:ec2:vpc" (and correspondent VPCId) in the _optionsettings section of the ebs.config file.
Thanks for the update. Can you submit a pull request for the documentation? On Oct 18, 2014 10:20 AM, "Artur Martins" notifications@github.com wrote:
My previous comment is actually incorrect for a VPC setup.
Security groups in EC2 Classic should be referred by Group Name. Security groups in VPC must be referred by ID.
What I was doing wrong at the first place was that I did not include the " aws:ec2:vpc" (and correspondent VPCId) in the _optionsettings section of the ebs.config file.
— Reply to this email directly or view it on GitHub https://github.com/briandilley/ebs-deploy/issues/13#issuecomment-59622323 .
boto.exception.BotoServerError: BotoServerError: 400 Bad Request {"Error":{"Code":"ConfigurationValidationException","Message":"Configuration validation exception: The security group 'sg-xxxxxx' does not exist","Type":"Sender"},"RequestId":"6f050c5c-554a-11e4-8881-776b760328df"}
I assure that particular SG exists. sg-xxxxxx is from VPC. Perhaps it's why it fails?