CreateClusterSecurityGroup - Amazon Redshift


Creates a new Amazon Redshift security group. You use security groups to control access to non-VPC clusters.

For information about managing security groups, go to Amazon Redshift Cluster Security Groups in the Amazon Redshift Cluster Management Guide.

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.


The name for the security group. Amazon Redshift stores the value as a lowercase string.


  • Must contain no more than 255 alphanumeric characters or hyphens.

  • Must not be "Default".

  • Must be unique for all security groups that are created by your AWS account.

Example: examplesecuritygroup

Type: String

Required: Yes


A description for the security group.

Type: String

Required: Yes


A list of tag instances.

Type: Array of Tag objects

Required: No

Response Elements

The following element is returned by the service.


Describes a security group.

Type: ClusterSecurityGroup object


For information about the errors that are common to all actions, see Common Errors.


A cluster security group with the same name already exists.

HTTP Status Code: 400


The tag is invalid.

HTTP Status Code: 400


The request would result in the user exceeding the allowed number of cluster security groups. For information about increasing your quota, go to Limits in Amazon Redshift in the Amazon Redshift Cluster Management Guide.

HTTP Status Code: 400


You have exceeded the number of tags allowed.

HTTP Status Code: 400



This example illustrates one usage of CreateClusterSecurityGroup.

Sample Request ?Action=CreateClusterSecurityGroup &ClusterSecurityGroupName=securitygroup1 &Description=my security group &Version=2012-12-01 &x-amz-algorithm=AWS4-HMAC-SHA256 &x-amz-credential=AKIAIOSFODNN7EXAMPLE/20130123/us-east-2/redshift/aws4_request &x-amz-date=20130123T005817Z &x-amz-signedheaders=content-type;host;x-amz-date

Sample Response

<CreateClusterSecurityGroupResponse xmlns=""> <CreateClusterSecurityGroupResult> <ClusterSecurityGroup> <EC2SecurityGroups/> <IPRanges/> <Description>my security group</Description> <ClusterSecurityGroupName>securitygroup1</ClusterSecurityGroupName> </ClusterSecurityGroup> </CreateClusterSecurityGroupResult> <ResponseMetadata> <RequestId>f9ee270f-64f7-11e2-a8da-655adc216806</RequestId> </ResponseMetadata> </CreateClusterSecurityGroupResponse>

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: