Creates a security group.
Important
EC2-Classic: You can create up to 500 security groups.
EC2-VPC: You can create up to 100 security groups per VPC.
A security group is for use with instances either in the EC2-Classic platform or in a specific VPC. For more information, see Amazon EC2 Security Groups in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide.
When you create a security group, you specify a friendly name of your choice. You can have a security group for EC2-Classic with the same name as a security group for a VPC. However, you can't have two security groups for EC2-Classic with the same name or two security groups for a VPC with the same name.
You have a default security group for EC2-Classic and a default security group for your VPC. If you don't specify a security group when you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default rule that grants instances unrestricted network access to each other.
You can add or remove rules from your security groups using the ec2-authorize and ec2-revoke commands.
The short version of this command is ec2addgrp.
ec2-create-group group_name -d description [-c vpc_id]
| Name | Description |
|---|---|
| group_name | The name of the security group. Type: String Default: None Constraints: Up to 255 characters in length Constraints for EC2-Classic: ASCII characters Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* Required: Yes Example: websrv |
| -d description | A description for the security group. This is informational only. Type: String Default: None Constraints: Up to 255 characters in length Constraints for EC2-Classic: ASCII characters Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* Required: Yes Example: -d "Web Servers" |
| -c vpc_id | [EC2-VPC] The ID of the VPC. Type: String Default: None Required: Conditional Condition: Required for EC2-VPC Example: -c vpc-1a2b3c4d |
| Option | Description |
|---|---|
| | Overrides the region specified by the Default: The value of the Example: |
| | The uniform resource locator (URL) of the Amazon EC2 web service entry point. Default: The value of the Example: |
| -K, --private-key | The private key that identifies you to Amazon EC2. For more information, see Tell the Tools Who You Are. Default: The value of the Example: |
| -C, --cert | The X.509 certificate that identifies you to Amazon EC2. Default: The value of the Example: |
| -O, --aws-access-key | The access key ID associated with your AWS account. For more information, see Tell the Tools Who You Are. Default: The value of the Example: Note For more information, see the following section, Deprecated Options. |
| -W, --aws-secret-key | The secret access key associated with your AWS account. Default: The value of the Example: Note For more information, see the following section, Deprecated Options. |
| | The AWS delegation token. Default: The value of the environment variable (if set). |
| | The connection timeout, in seconds. Example: |
| | The request timeout, in seconds. Example: |
| | Displays verbose output, including the API request and response on the command line. This is useful if you are building tools to talk directly to our Query API. |
| | Includes column headers in the command output. |
| | Shows empty columns as |
| | Omits tags for tagged resources. |
| | Displays internal debugging information. This can assist us when helping you troubleshoot problems. |
| | Displays usage information for the command. |
| | Reads arguments from standard input. This is useful when piping the output from one command to the input of another. Example: |
For a limited time, you can still use the private key and X.509 certificate instead of your access key ID and secret access key. However, we recommend that you start using your access key ID (-O, --aws-access-key) and secret access key (-W, --aws-secret-key) now, as the private key (-K, --private-key) and X.509 certificate (-C, --cert) won't be supported after the transition period elapses. For more information, see Tell the Tools Who You Are.
| Option | Description |
|---|---|
| -K, --private-key | The private key to use when constructing requests to Amazon EC2. Default: The value of the Example: |
| -C, --cert | The X.509 certificate to use when constructing requests to Amazon EC2. Default: The value of the Example: |
This command returns a table that contains the following information:
The GROUP identifier
The AWS-assigned ID for the group
The group name
The group description
Amazon EC2 command line tools display errors on stderr.
This example creates the websrv security group for EC2-Classic.
PROMPT> ec2-create-group websrv -d "Web Servers"
GROUP sg-1a2b3c4d websrv Web Servers
This example creates the MyVPCGroup security group for the VPC with the ID vpc-3325caf2.
PROMPT> ec2-create-group MyVPCGroup -d 'Group in my VPC' -c vpc-3325caf2
GROUP sg-0a42d66a MyVPCGroup Group in my VPC
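The following is an added example, not part of the AWS documentation: a wrapper that checks a group name and description against the EC2-VPC constraints listed above before calling ec2-create-group, then extracts the group ID from the GROUP output line so it can be passed to later commands. The function names are hypothetical, and the EC2-Classic constraint (ASCII characters) is not covered.

```sh
#!/bin/sh
# Added example (not AWS code): helper names below are hypothetical.

# Succeeds if $1 meets the documented EC2-VPC constraints for a group name or
# description: 1 to 255 characters from a-z, A-Z, 0-9, spaces, ._-:/()#,@[]+=&;{}!$*
valid_vpc_group_field() {
    vf_value=$1
    [ -n "$vf_value" ] || return 1
    [ "${#vf_value}" -le 255 ] || return 1
    # Delete every allowed byte; anything left over is a disallowed character.
    vf_left=$(printf '%s' "$vf_value" |
        LC_ALL=C tr -d 'a-zA-Z0-9 ._:/()#,@[]+=&;{}!$*-' | wc -c)
    [ "$vf_left" -eq 0 ]
}

# Prints the AWS-assigned group ID from command output shaped like the page's
# examples ("GROUP <id> <name> <description>"); fails if no such line exists.
group_id_from_output() {
    printf '%s\n' "$1" | awk '
        $1 == "GROUP" && $2 ~ /^sg-/ { print $2; found = 1; exit }
        END { exit !found }'
}

# Validates the arguments, creates the group in the given VPC and prints its ID.
# usage: create_vpc_group group_name description vpc_id
create_vpc_group() {
    valid_vpc_group_field "$1" || { echo "invalid group name" >&2; return 2; }
    valid_vpc_group_field "$2" || { echo "invalid description" >&2; return 2; }
    cg_out=$(ec2-create-group "$1" -d "$2" -c "$3") || return 1
    group_id_from_output "$cg_out"
}
```

Rejecting a bad name locally keeps a script from continuing with an empty group ID after a failed create, which matters when the ID feeds ec2-authorize.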