Skip to main content

IP Whitelist - AWS Security Group

This Playbook is part of the AWS - EC2 Pack.#

Supported versions

Supported Cortex XSOAR versions: 5.5.0 and later.

Sync a list of IP addresses to an AWS Security Group.


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


  • AWS - EC2
  • AWS-EC2


  • Set
  • CompareLists


  • removeIndicatorField
  • aws-ec2-describe-security-groups
  • aws-ec2-revoke-security-group-ingress-rule
  • setIndicator
  • aws-ec2-authorize-security-group-ingress-rule

Playbook Inputs#

NameDescriptionDefault ValueRequired
Indicator QueryIndicators matching the indicator query will be used as playbook inputOptional
IPIP addresses to set in the allow listRequired
SecurityGroupNameName of the AWS Security Group to updateRequired
IndicatorTagNameName of the Indicator Tag to apply to any IPs allowed by this playbook.AWS_IP_WhitelistRequired

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

IP Whitelist - AWS Security Group