aboutsummaryrefslogtreecommitdiff
path: root/doc/eclat-lssg.1
blob: 86ab244f82b9380581d9e288f2b494243d1753d9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
.\" This file is part of Eclat -*- nroff -*-
.\" Copyright (C) 2012, 2013 Sergey Poznyakoff
.\"
.\" Eclat is free software; you can redistribute it and/or modify
.\" it under the terms of the GNU General Public License as published by
.\" the Free Software Foundation; either version 3, or (at your option)
.\" any later version.
.\"
.\" Eclat is distributed in the hope that it will be useful,
.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
.\" GNU General Public License for more details.
.\"
.\" You should have received a copy of the GNU General Public License
.\" along with Eclat.  If not, see <http://www.gnu.org/licenses/>.
.TH LSSEC 1 "January 19, 2013" "ECLAT" "Eclat User Reference"
.SH NAME
eclat lssg \- return information about security groups 
.SH SYNOPSIS
\fBeclat lssg\fR [\fB\-n\fR] [\fB\-\-name\fR]\
 [\fBFILTER\fR...] [\fBID\fR]

\fBeclat lssg\fR \fB\-\-help\fR
.SH DESCRIPTION
This command returns information about security groups.  By default,
all security groups pertaining to your account will be described.
Particular groups can be selected by specifying their IDs (or names,
if the \fB\-n\fR (\fB\-\-name\fR) option is used) in the command
line.  The set of groups can further be abridged by using filters.
.PP
If ID mapping is enabled (see the section \fBMAPS\fR
in
.BR eclat (1)),
this command translates \fBID\fR supplied in the command line
using the \fBGroupId\fR map or \fBGroupName\fR map, if the \fB\-n\fR
(\fB\-\-name\fR) option is used.
.SH OPTIONS
.TP
\fB\-n\fR, \fB\-\-name\fR
Treat group identifiers supplied in the command line as group names.
By default they are treated as group IDs.
.SH FILTERS
.TP
\fBdescription\fR=\fIstring\fR
The description of the security group.
.TP
\fBgroup\-id\fR=\fIstring\fR
The ID of the security group.
.TP
\fBgroup\-name\fR=\fIstring\fR
The name of the security group.
.TP
\fBip\-permission.cidr\fR=\fBstring\fR
The CIDR range that has been granted the permission.  See the note below.
.TP
\fBip\-permission.from\-port\fR=\fIstring\fR
For the TCP and UDP, the start of port range, for ICMP -- the ICMP type
number.
.TP
\fBip\-permission.group\-name\fR=\fIstring\fR
The name of security group that has been granted the permission.
.TP
\fBip\-permission.protocol\fR=\fIvalue\fB
The IP protocol for the permission.  One of:
.BR tcp ,
.BR udp ,
.BR icmp ,
or a protocol number.
.TP
\fBip\-permission.to\-port\fR=\fIstring\fR
The end of port range for the TCP and UDP protocols, or an ICMP code.
.TP
\fBip\-permission.user\-id\fR=\fIstring\fR
The ID of an AWS account that has been granted the permission.
.TP
\fBowner\-id\fR=\fIstring\fR
The AWS account ID of the owner of the security group.
.TP
\fBtag\-key\fR=\fIstring\fR
The key of a tag assigned to the security group.
.TP
\fBtag\-value\fR=\fIstring\fR
The value of a tag assigned to the security group.
.PP
Notice, that all filters use literal matching only.  This means that
you cannot use, e.g., \fBip\-permission.cidr\fR to check for a
particular IP address.  Instead, the argument to
\fBip\-permission.cidr\fR must be the CIDR exactly as stored in the
group description.  The same holds true for other filters as well.
.SH OUTPUT
The output is multi-line.  Each group begins with a \fBGroup\fR line,
containing the group ID, name and description.  Following lines
describe the VPC ID and tags (if any).  Tags are listed in as
\fBkey\fB=\fBvalue\fR pairs, each on a separate line and indented by
one tabstop.  The lines that follow list the rules for incoming and
outgoing traffic.  E.g.:
.sp
.nf
.in +2
Group sg\-443d0a12	WebServers	"Web Servers"
VPC ID: 
Incoming:
tcp	0.0.0.0/0	80
Outgoing:
Group sg\-5ff8a023	RangedPortsBySource	"Group A"
VPC ID: 
Incoming:
user 111122223333, group sg\-99gh4012 ("Group B")	6000\-7000
Outgoing:
.in
.fi
.SH "SEE ALSO"
.BR eclat (1).
.SH AUTHORS
Sergey Poznyakoff
.SH "BUG REPORTS"
Report bugs to <bug\-eclat@gnu.org.ua>.
.SH COPYRIGHT
Copyright \(co 2012, 2013 Sergey Poznyakoff
.br
.na
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
.br
.ad
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
.\" Local variables:
.\" eval: (add-hook 'write-file-hooks 'time-stamp)
.\" time-stamp-start: ".TH [A-Z_][A-Z0-9_.\\-]* [0-9] \""
.\" time-stamp-format: "%:B %:d, %:y"
.\" time-stamp-end: "\""
.\" time-stamp-line-limit: 20
.\" end:

Return to:

Send suggestions and report system problems to the System administrator.