Amazon Redshift
API Reference (API Version 2012-12-01)

The AWS Documentation website is getting a new look!
Try it now and let us know what you think. Switch to the new look >>

You can return to the original look by selecting English in the language selector above.


Creates a new Amazon Redshift security group. You use security groups to control access to non-VPC clusters.

For information about managing security groups, go to Amazon Redshift Cluster Security Groups in the Amazon Redshift Cluster Management Guide.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.


The name for the security group. Amazon Redshift stores the value as a lowercase string.


  • Must contain no more than 255 alphanumeric characters or hyphens.

  • Must not be "Default".

  • Must be unique for all security groups that are created by your AWS account.

Example: examplesecuritygroup

Type: String

Required: Yes


A description for the security group.

Type: String

Required: Yes


A list of tag instances.

Type: Array of Tag objects

Required: No

Response Elements

The following element is returned by the service.


Describes a security group.

Type: ClusterSecurityGroup object


For information about the errors that are common to all actions, see Common Errors.


A cluster security group with the same name already exists.

HTTP Status Code: 400


The tag is invalid.

HTTP Status Code: 400


The request would result in the user exceeding the allowed number of cluster security groups. For information about increasing your quota, go to Limits in Amazon Redshift in the Amazon Redshift Cluster Management Guide.

HTTP Status Code: 400


You have exceeded the number of tags allowed.

HTTP Status Code: 400


Sample Request ?Action=CreateClusterSecurityGroup &ClusterSecurityGroupName=securitygroup1 &Description=my security group &Version=2012-12-01 &x-amz-algorithm=AWS4-HMAC-SHA256 &x-amz-credential=AKIAIOSFODNN7EXAMPLE/20130123/us-east-1/redshift/aws4_request &x-amz-date=20130123T005817Z &x-amz-signedheaders=content-type;host;x-amz-date

Sample Response

<CreateClusterSecurityGroupResponse xmlns=""> <CreateClusterSecurityGroupResult> <ClusterSecurityGroup> <EC2SecurityGroups/> <IPRanges/> <Description>my security group</Description> <ClusterSecurityGroupName>securitygroup1</ClusterSecurityGroupName> </ClusterSecurityGroup> </CreateClusterSecurityGroupResult> <ResponseMetadata> <RequestId>f9ee270f-64f7-11e2-a8da-655adc216806</RequestId> </ResponseMetadata> </CreateClusterSecurityGroupResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: