Can't delete SG rule of non default VPC SG

[eyal-solomon1]

Describe the bug

Trying to remove a rule from a specific security group but getting an error

Expected Behavior

Getting response as specified here - SDK docs with Return key as true

Current Behavior

Error log :

TypeError: Cannot read property 'Error' of undefined
    at loadEc2ErrorCode (/Users/x/Documents/x/x/node_modules/@aws-sdk/client-ec2/dist-cjs/protocols/Aws_ec2.js:63861:21)
    at deserializeAws_ec2RevokeSecurityGroupIngressCommandError (/Users/x/Documents/x/x/node_modules/@aws-sdk/client-ec2/dist-cjs/protocols/Aws_ec2.js:21550:23)
    at processTicksAndRejections (node:internal/process/task_queues:94:5)
    at async /Users/x/Documents/x/x/node_modules/@aws-sdk/middleware-serde/dist-cjs/deserializerMiddleware.js:7:24
    at async /Users/x/Documents/x/x/node_modules/@aws-sdk/client-secrets-manager/node_modules/@aws-sdk/middleware-signing/dist-cjs/middleware.js:13:20
    at async StandardRetryStrategy.retry (/Users/x/Documents/x/x/node_modules/@aws-sdk/middleware-retry/dist-cjs/StandardRetryStrategy.js:51:46)
    at async /Users/x/Documents/x/x/node_modules/@aws-sdk/middleware-logger/dist-cjs/loggerMiddleware.js:6:22
    at async deploy (file:///Users/x/Documents/x/x/x)
    at async file:///Users/x/Documents/x/x/x {
  '$metadata': { attempts: 1, totalRetryDelay: 0 }
}

Reproduction Steps

try {
  const input = {
          SecurityGroupRuleIds: [sgrId], // SG rule id
          GroupId: instance.sg, // SG id
        };
        const command = new RevokeSecurityGroupIngressCommand(input);
        const r = await client.send(command);
        console.log(r);
      }
} catch (e) {
    console.log(e);
}

Possible Solution

No response

Additional Information/Context

No response

SDK version used

@aws-sdk/[email protected]

Environment details (OS name and version, etc.)

Mac M1 macOS Monterey 12.6

[eyal-solomon1]

Hey @ajredniwja can you assist here ?

[ajredniwja]

Hey @eyal-solomon1 thanks for opening this issue, I was not able to reproduce the issue:

I used the code below:

import { EC2Client, RevokeSecurityGroupIngressCommand } from "@aws-sdk/client-ec2"; // ES Modules import
(async() => {
    const client = new EC2Client("region: us-west-2");
    try {

        const input = {
            SecurityGroupRuleIds: ['sgr-984'], // SG rule id
            GroupId: "sg-0903093", // SG id
        };
        const command = new RevokeSecurityGroupIngressCommand(input);
        const r = await client.send(command);
        console.log(r);
    } catch (e) {
        console.log(e);
    }
})();

Response:

{
  '$metadata': {
    httpStatusCode: 200,
    requestId: '3s9pcebc-n778-3e30-92cf-ba669cc8700',
    extendedRequestId: undefined,
    cfId: undefined,
    attempts: 1,
    totalRetryDelay: 0
  },
  Return: true,
  UnknownIpPermissions: undefined
}

Version client:

    "dependencies": {
        "@aws-sdk/client-ec2": "^3.199.0"
    }

Can you try and run the same with the latest version?

Only difference is I am not on M1 mac but I dont think that should make any difference.

[eyal-solomon1]

GroupId

Hi @ajredniwja ,thanks for your response

updated sdk package to @aws-sdk/[email protected] and ran it with node v16.16.0

getting this error now :

Error: config.endpointProvider is not set.
    at getEndpointFromInstructions (/Users/../deployment_cli_tool/node_modules/@aws-sdk/middleware-endpoint/dist-cjs/adaptors/getEndpointFromInstructions.js:9:15)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)

config initialization :

const client = new EC2Client();

[aBurmeseDev]

Hi @eyal-solomon1 - apologies for the delay response.

The error suggests that the EC2Client instance is missing the necessary configuration for determining the endpoint to connect to the AWS EC2 service.

To resolve this issue, you need to provide the appropriate configuration options when creating the EC2Client instance.

• Specify the region explicitly
• Provide credentials and region

import { EC2Client, Credentials } from "@aws-sdk/client-ec2";

const client = new EC2Client({
  region: "us-west-2",
  credentials: new Credentials({
    accessKeyId: "YOUR_ACCESS_KEY_ID",
    secretAccessKey: "YOUR_SECRET_ACCESS_KEY",
  }),
});

Let me know if that resolves your issue. Best, John

[github-actions[bot]]

This issue has not received a response in 1 week. If you still think there is a problem, please leave a comment to avoid the issue from automatically closing.