This action applies to both EC2 security groups and VPC security groups.
This action removes one or more ingress rules from a security group. The values that you specify in the
revoke request (e.g., ports, etc.) must match the existing rule's values for the rule to be removed.
Each rule consists of the protocol and the CIDR range or source security group. For the TCP and UDP
protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must
also specify the ICMP type and code.
Rule changes are propagated to instances within the security group as quickly as possible. However,
depending on the number of instances, a small delay might occur