How to interconnect accounts before using the ECS security group tool to cancel the operation

The content of this article is about how to interoperate between accounts before using the ECS security group tool to cancel. It has certain reference value. Friends in need can refer to it. I hope it will be helpful to you.

Use the ECS security group tool to undo the previous interoperability operation between accounts

Required information:

1. Account number Name: As the name suggests, it is the account

# that logs in to the console. 2. Security group corresponding to ECS: The security group where the ECS that has connected the account to the intranet is located. It can be viewed on the console or queried through the API method.

3. The name of the region where the ECS is located, a string in the form of "cn-beijing"

The API method that needs to be used is RevokeSecurityGroup, which is the method to revoke the "outbound direction" of the security group , the relevant parameters used are as follows:

Request parameters

The operation needs to be carried out in two steps , first use the A account to revoke the rules in the A account that authorize the B account to access; then correspondingly, use the B account to revoke the authorization rules of the A account.

For example, first use account A to revoke the access rules of account B through AliyunCLI:

Assume the relevant account and other information are as follows, and assume that the previous account was connected to the intranet by submitting a work order. ：

Then based on the previously obtained information, the values ​​of all parameters passed into AliyunCLI are as follows:

So, The final command entered and executed is:

aliyuncli ecs RevokeSecurityGroup --
SecurityGroupId sg-a12345 --RegionId cn-beijing --
IpProtocol all --PortRange -1/-1 --
SourceGroupId sg-b67890 --
SourceGroupOwnerAccount b@aliyun.com --
NicType intranet

This will revoke the rule under account A that allows account B to access. Then, by analogy, switch to account B to revoke the rules that allow account A to access. This completes the revoking of the intranet communication rules between accounts A and B.

The above is the detailed content of How to interconnect accounts before using the ECS security group tool to cancel the operation. For more information, please follow other related articles on the PHP Chinese website!