:doc:`Redshift <../../redshift>` / Client / revoke_cluster_security_group_ingress

*************************************
revoke_cluster_security_group_ingress
*************************************



.. py:method:: Redshift.Client.revoke_cluster_security_group_ingress(**kwargs)

  

  Revokes an ingress rule in an Amazon Redshift security group for a previously authorized IP range or Amazon EC2 security group. To add an ingress rule, see  AuthorizeClusterSecurityGroupIngress. For information about managing security groups, go to `Amazon Redshift Cluster Security Groups <https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-security-groups.html>`__ in the *Amazon Redshift Cluster Management Guide*.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/redshift-2012-12-01/RevokeClusterSecurityGroupIngress>`_  


  **Request Syntax**
  ::

    response = client.revoke_cluster_security_group_ingress(
        ClusterSecurityGroupName='string',
        CIDRIP='string',
        EC2SecurityGroupName='string',
        EC2SecurityGroupOwnerId='string'
    )
    
  :type ClusterSecurityGroupName: string
  :param ClusterSecurityGroupName: **[REQUIRED]** 

    The name of the security Group from which to revoke the ingress rule.

    

  
  :type CIDRIP: string
  :param CIDRIP: 

    The IP range for which to revoke access. This range must be a valid Classless Inter-Domain Routing (CIDR) block of IP addresses. If ``CIDRIP`` is specified, ``EC2SecurityGroupName`` and ``EC2SecurityGroupOwnerId`` cannot be provided.

    

  
  :type EC2SecurityGroupName: string
  :param EC2SecurityGroupName: 

    The name of the EC2 Security Group whose access is to be revoked. If ``EC2SecurityGroupName`` is specified, ``EC2SecurityGroupOwnerId`` must also be provided and ``CIDRIP`` cannot be provided.

    

  
  :type EC2SecurityGroupOwnerId: string
  :param EC2SecurityGroupOwnerId: 

    The Amazon Web Services account number of the owner of the security group specified in the ``EC2SecurityGroupName`` parameter. The Amazon Web Services access key ID is not an acceptable value. If ``EC2SecurityGroupOwnerId`` is specified, ``EC2SecurityGroupName`` must also be provided. and ``CIDRIP`` cannot be provided.

     

    Example: ``111122223333``

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'ClusterSecurityGroup': {
              'ClusterSecurityGroupName': 'string',
              'Description': 'string',
              'EC2SecurityGroups': [
                  {
                      'Status': 'string',
                      'EC2SecurityGroupName': 'string',
                      'EC2SecurityGroupOwnerId': 'string',
                      'Tags': [
                          {
                              'Key': 'string',
                              'Value': 'string'
                          },
                      ]
                  },
              ],
              'IPRanges': [
                  {
                      'Status': 'string',
                      'CIDRIP': 'string',
                      'Tags': [
                          {
                              'Key': 'string',
                              'Value': 'string'
                          },
                      ]
                  },
              ],
              'Tags': [
                  {
                      'Key': 'string',
                      'Value': 'string'
                  },
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **ClusterSecurityGroup** *(dict) --* 

        Describes a security group.

        
        

        - **ClusterSecurityGroupName** *(string) --* 

          The name of the cluster security group to which the operation was applied.

          
        

        - **Description** *(string) --* 

          A description of the security group.

          
        

        - **EC2SecurityGroups** *(list) --* 

          A list of EC2 security groups that are permitted to access clusters associated with this cluster security group.

          
          

          - *(dict) --* 

            Describes an Amazon EC2 security group.

            
            

            - **Status** *(string) --* 

              The status of the EC2 security group.

              
            

            - **EC2SecurityGroupName** *(string) --* 

              The name of the EC2 Security Group.

              
            

            - **EC2SecurityGroupOwnerId** *(string) --* 

              The Amazon Web Services account ID of the owner of the EC2 security group specified in the ``EC2SecurityGroupName`` field.

              
            

            - **Tags** *(list) --* 

              The list of tags for the EC2 security group.

              
              

              - *(dict) --* 

                A tag consisting of a name/value pair for a resource.

                
                

                - **Key** *(string) --* 

                  The key, or name, for the resource tag.

                  
                

                - **Value** *(string) --* 

                  The value for the resource tag.

                  
            
          
        
      
        

        - **IPRanges** *(list) --* 

          A list of IP ranges (CIDR blocks) that are permitted to access clusters associated with this cluster security group.

          
          

          - *(dict) --* 

            Describes an IP range used in a security group.

            
            

            - **Status** *(string) --* 

              The status of the IP range, for example, "authorized".

              
            

            - **CIDRIP** *(string) --* 

              The IP range in Classless Inter-Domain Routing (CIDR) notation.

              
            

            - **Tags** *(list) --* 

              The list of tags for the IP range.

              
              

              - *(dict) --* 

                A tag consisting of a name/value pair for a resource.

                
                

                - **Key** *(string) --* 

                  The key, or name, for the resource tag.

                  
                

                - **Value** *(string) --* 

                  The value for the resource tag.

                  
            
          
        
      
        

        - **Tags** *(list) --* 

          The list of tags for the cluster security group.

          
          

          - *(dict) --* 

            A tag consisting of a name/value pair for a resource.

            
            

            - **Key** *(string) --* 

              The key, or name, for the resource tag.

              
            

            - **Value** *(string) --* 

              The value for the resource tag.

              
        
      
    
  
  **Exceptions**
  
  *   :py:class:`Redshift.Client.exceptions.ClusterSecurityGroupNotFoundFault`

  
  *   :py:class:`Redshift.Client.exceptions.AuthorizationNotFoundFault`

  
  *   :py:class:`Redshift.Client.exceptions.InvalidClusterSecurityGroupStateFault`

  