Adds the specified inbound (ingress) rules to a security group.
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR
address range, or from the instances that are associated with the specified destination security
groups. When specifying an inbound rule for your security group in a VPC, the
IpPermissions must include a source for the traffic.
You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
For more information about VPC security group quotas, see Amazon VPC quotas.
We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the Amazon Elastic Compute Cloud User Guide.