CreateIpGroup - Amazon WorkSpaces Service


Creates an IP access control group.

An IP access control group provides you with the ability to control the IP addresses from which users are allowed to access their WorkSpaces. To specify the CIDR address ranges, add rules to your IP access control group and then associate the group with your directory. You can add rules when you create the group or at any time using AuthorizeIpRules.

There is a default IP access control group associated with your directory. If you don't associate an IP access control group with your directory, the default group is used. The default group includes a default rule that allows users to access their WorkSpaces from anywhere. You cannot modify the default IP access control group for your directory.

Request Syntax

{ "GroupDesc": "string", "GroupName": "string", "Tags": [ { "Key": "string", "Value": "string" } ], "UserRules": [ { "ipRule": "string", "ruleDesc": "string" } ] }

Request Parameters

The request accepts the following data in JSON format.


The description of the group.

Type: String

Required: No


The name of the group.

Type: String

Required: Yes


The tags. Each WorkSpaces resource can have a maximum of 50 tags.

Type: Array of Tag objects

Required: No


The rules to add to the group.

Type: Array of IpRuleItem objects

Required: No

Response Syntax

{ "GroupId": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


The identifier of the group.

Type: String

Pattern: wsipg-[0-9a-z]{8,63}$


For information about the errors that are common to all actions, see Common Errors.


The user is not authorized to access a resource.

HTTP Status Code: 400


One or more parameter values are not valid.

HTTP Status Code: 400


The specified resource already exists.

HTTP Status Code: 400


The resource could not be created.

HTTP Status Code: 400


Your resource limits have been exceeded.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: