Groups

A security group is a named collection of access rules. These access rules specify which ingress (i.e., incoming) network traffic should be delivered to your instance. All other ingress traffic will be discarded. You can modify rules for a group at any time. New rules are automatically enforced for all running and future instances.

Creating a group

1. Select the EC2 service under the account you wish to create the group for.
2. Select the Groups tab.
3. Click the Add button.
4. Enter a name and a short description for the group.
5. Click OK.

Deleting a group

1. Select the EC2 service under the account the group of which you wish to delete.
2. Select the Groups tab.
3. Select the group you wish to remove from the list of groups.
4. Click the Remove button.

Access rules define source based access either for named security groups or for IP subnetworks (i.e., CIDR-based rules).

Changing a group's access rules

1. Select the EC2 service under the account the group of which you wish to change.
2. Select the Groups tab.
3. Select the group you wish to change from the list of groups.
4. Select the Permissions tab.
5. To add an IP subnet based rule, click Add, select Add IP Permission, select the protocol, set the port range and subnet (in CIDR notation: address/subnet; e.g., 192.168.1.0/24) and click Add.
6. To add a security group based rule, click Add, select Add Group Permission, specify the group owner's account ID, the group's name and click Add.
7. To remove a rule, select it and click Remove.
8. To save the changes, click Apply.