
How to set up an EC2 security group

You can create a security group in Amazon EC2 using the AWS Management Console, AWS Command Line Interface (CLI), or an SDK like Boto3 (for Python). Below, I'll outline how to create a security group using the AWS Management Console:

Using the AWS Management Console:

1. Sign in to the AWS Management Console:

Log in to your AWS account using your credentials.

2. Navigate to the EC2 Dashboard:

In the AWS Management Console, navigate to the EC2 dashboard by selecting "Services" and then choosing "EC2" under the "Compute" section.

3. Access the Security Groups Page:

In the EC2 dashboard, locate the "Network & Security" section in the left sidebar and click on "Security Groups."

4. Create a New Security Group:

On the Security Groups page, click the "Create Security Group" button.

5. Configure the Security Group:

Fill out the details for your security group:

Name: Provide a descriptive name for your security group.

Description: Optionally, add a description for the security group.

VPC: Select the Virtual Private Cloud (VPC) where you want to create the security group.

6. Add Inbound and Outbound Rules:

Define the inbound and outbound rules to control the traffic to and from your instances. You can add rules for specific ports, IP addresses, and protocols.

- For inbound rules, click the "Add Rule" button under the "Inbound rules" section.

- For outbound rules, click the "Add Rule" button under the "Outbound rules" section.

Example of an inbound rule for allowing SSH (port 22) access:

- Type: SSH (22)

- Protocol: TCP

- Source: Specify the IP range or specific IP addresses allowed to access (e.g., for any IP).


7. Review and Create:

Review the configuration settings to ensure they are correct. After reviewing, click the "Create security group" button.

Confirm the security group's creation.

Using AWS CLI:

[root@siddhesh ~]# aws ec2 describe-security-groups
     "SecurityGroups": [
         { "Description": "launch-wizard-1 created 2023-10-21T10:51:12.057Z",
             "GroupName": "launch-wizard-1",
             "IpPermissions": [
                     "FromPort": 22,
                     "IpProtocol": "tcp",
                     "IpRanges": [
                             "CidrIp": ""
                     "Ipv6Ranges": [],
                     "PrefixListIds": [],
                     "ToPort": 22,
                     "UserIdGroupPairs": []
[root@siddhesh ~]# 
