This is the command ec2revoke that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
ec2-revoke - Revoke permissions from a group
SYNOPSIS
ec2revoke ([ec2-revoke])
ec2revoke [GENERAL OPTIONS] GROUP [SPECIFIC OPTIONS]
GENERAL NOTES
Any command option/parameter may be passed a value of '-' to indicate
that values for that option should be read from stdin.
DESCRIPTION
Revoke selected permissions from a specified group.
The GROUP parameter is name or ID of the group to revoke this permission from.
Note that VPC security groups for non-default VPCs must be specified by ID.
GENERAL OPTIONS
-O, --aws-access-key KEY
AWS Access Key ID. Defaults to the value of the AWS_ACCESS_KEY
environment variable (if set).
-W, --aws-secret-key KEY
AWS Secret Access Key. Defaults to the value of the AWS_SECRET_KEY
environment variable (if set).
-T, --security-token TOKEN
AWS delegation token. Defaults to the value of the AWS_DELEGATION_TOKEN
environment variable (if set).
-K, --private-key KEY
[DEPRECATED] Specify KEY as the private key to use. Defaults to the value of the
EC2_PRIVATE_KEY environment variable (if set). Overrides the default.
-C, --cert CERT
[DEPRECATED] Specify CERT as the X509 certificate to use. Defaults to the value
of the EC2_CERT environment variable (if set). Overrides the default.
-U, --url URL
Specify URL as the web service URL to use. Defaults to the value of
'https://ec2.amazonaws.com' (us-east-1) or to that of the
EC2_URL environment variable (if set). Overrides the default.
--region REGION
Specify REGION as the web service region to use.
This option will override the URL specified by the "-U URL" option
and EC2_URL environment variable.
This option defaults to the region specified by the EC2_URL environment variable
or us-east-1 if this environment variable is not set.
-D, --auth-dry-run
Check if you can perform the requested action rather than actually performing it.
-v, --verbose
Verbose output.
-?, --help
Display this help.
-H, --headers
Display column headers.
--debug
Display additional debugging information.
--show-empty-fields
Indicate empty fields.
--hide-tags
Do not display tags for tagged resources.
--connection-timeout TIMEOUT
Specify a connection timeout TIMEOUT (in seconds).
--request-timeout TIMEOUT
Specify a request timeout TIMEOUT (in seconds).
SPECIFIC OPTIONS
--egress
Specifies an egress rule. Otherwise ingress is assumed.
-P, --protocol PROTOCOL
May be either a protocol name or a protocol number. Note that non-VPC
security groups only allow tcp, udp and icmp rules. For non-VPC groups
the protocol may be left blank, in which case it will default
to tcp if a source subnet is specified, to tcp and udp if a source group
and port range are specified, and to tcp, udp and icmp if only a
source group is specified.
For VPC groups the protocol 'all' must be explicitly specified.
-p, --port-range PORT-RANGE
Range of ports to open. If the tcp or udp protocol are specified (or
implied by default), then the range of ports to grant access to may
optionally be specified as a single integer, or as a range (min-max).
Specifying -1 defaults to all ports.
-t, --icmp-type-code TYPE:CODE
icmp type and code. If the icmp protocol is specified, then icmp type
and code may optionally be specified as type:code, where both type and
code are integers and compliant with RFC792. Type or code (or both) may
be specified as -1 which is a wildcard covering all types or codes.
-o, --source-or-dest-group SOURCE-OR-DEST-GROUP [--source-or-dest-group...]
Source or destination security group to be authorized, specified as
an EC2 security group name, e.g. default. This may be specified more
than once to allow network traffic from multiple security groups.
-u, --source-or-dest-group-user SOURCE-OR-DEST-GROUP-USER
[--source-or-dest-group-user...]
The owner of the security group specified using -o. If specified only
once, the same user will be used for all specified groups. However, if
specified once per -o, each user is mapped to a group in order.
Anything else is invalid.
This option is invalid for VPC security groups. VPC source groups
must be owned by the authorizing user.
-s, --cidr CIDR
The network source from which traffic is to be authorized in the
case of an ingress request, or to which traffic is to be authorized
in the case of an egress request. Specified as a CIDR subnet range,
e.g. 205.192.8.45/24. This may be specified more than once to allow
traffic from multiple subnets.
If no subnet and no group are specified, this will default
to the wildcard CIDR 0.0.0.0/0.
--source-subnet
Like --cidr, but for ingress requests only. For backward compatibility.
--dest-subnet
Like --cidr, but for egress requests only. For backward compatibility.
Use ec2revoke online using onworks.net services