You can optionally create one or more rules for the
security group. A rule grants a specified
range of IP addresses access (inbound to or outbound from) your instances
for a protocol or custom port range. Rules for many of
the most popular protocols are pre-defined and available
for selection in the drop-down list box, or you can
define your own rule.
Select Inbound to set the rules for inbound access or select
Outbound to set the rules for outbound access.
Note: The Outbound option is not available if No VPC was selected for VPC
Important: You should specify at least one rule for your
Select a protocol for the rule from the Protocol drop-down
list box, or select a custom protocol. If a custom protocol is selected:
for TCP or UDP, enter a port range for the rule in the Port range text box.
for ICMP, associate an ICMP type by selecting it from the drop-down list box.
Identify the type of traffic to allow by selecting one of the following options:
- To grant access to an IP address or range of
IP addresses, select the IP
Address radio button and
enter a CIDR range in the text box.
- To grant access to all IP addresses, click Open to all addresses.
This sets the value to 0.0.0.0/0
- To grant access to only your computer, click Use my IP address.
- To grant access to a security group,
select the Security
group radio button and select a group from the drop-down list box or enter
the name of the security group in the text box.
Note: To specify a security group in another
account, use the format accountid/groupname.
Click the Add Rule button when done.
The newly added rule displays above the rule form.
Repeat as needed to add more rules.
A list of added rules display above the rule form to indicate they have been successfully added.