Elastic Load Balancing
Developer Guide (API Version 2011-11-15)

Managing Security Groups in Amazon VPC

A security group acts as a firewall that controls the traffic allowed into an instance. When you launch an instance in an Amazon Virtual Private Cloud, you can assign the instance to up to five VPC security groups. The groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your Amazon VPC could belong to a different set of security groups. If you don't specify a particular group at launch time, the instance automatically belongs to the VPC's default security group. For each group, you add rules that govern the allowed inbound traffic to instances in the group, and a separate set of rules that govern the allowed outbound traffic.

The security groups you've created for Amazon EC2 (i.e., EC2 security groups) are not available to use in your VPC. You must create a separate set of security groups to use in your Amazon VPC (i.e., VPC security groups). The rules you create for a VPC security group can't reference an EC2 security group in your account, and vice versa. Also, VPC security groups have additional capabilities not available to EC2 security groups. For more information on Amazon VPC security groups, go to Security in Your VPC.

This section walks you through assigning a security group to your existing load balancer in Amazon VPC using the AWS Management Console, the Query API, or the command line interface.

Using the AWS Management Console

To assign a security group to your load balancer

  1. In the AWS Management Console, click the Amazon EC2 tab.

  2. Click Load Balancers in the Navigation pane.

  3. On the Load Balancers page, select the load balancer that you created for your VPC.

  4. The bottom pane displays the details of your load balancer.

  5. Click the Security tab.

  6. In the Security Groups pane, select the security group.

  7. A list of assigned security groups for your load balancer is displayed below the Security Groups pane.

    Add Security Groups

Using the Query API

To assign a security group to an existing load balancer

  1. Call ApplySecurityGroupsToLoadBalancer with the following parameters:

    • SecurityGroups = sg-53fae93f

    • LoadBalancerName = MyVPCLoadBalancer

  2. The operation returns the security group ID of the assigned security group.

For detailed descriptions of the Elastic Load Balancing API actions, see Elastic Load Balancing API Reference.
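The following Python example is added here and is not AWS's own code: it builds the unsigned Query API parameters for the call above and checks that the security group IDs the operation returns match the ones requested. The function names, the ID pattern, and the sample response are assumptions constructed for illustration; request signing is left out.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

API_VERSION = "2011-11-15"  # API version named in this guide's title
# Assumed ID shape: "sg-" plus 8 or 17 hex digits (the page uses sg-53fae93f).
SG_ID = re.compile(r"^sg-(?:[0-9a-f]{8}|[0-9a-f]{17})$")

def build_params(lb_name, group_ids):
    """Return unsigned parameters for ApplySecurityGroupsToLoadBalancer."""
    bad = [g for g in group_ids if not SG_ID.match(g)]
    if not group_ids or bad:
        raise ValueError(f"missing or malformed security group id(s): {bad}")
    params = {
        "Action": "ApplySecurityGroupsToLoadBalancer",
        "Version": API_VERSION,
        "LoadBalancerName": lb_name,
    }
    # The Query API flattens list parameters as Name.member.N.
    for i, gid in enumerate(group_ids, start=1):
        params[f"SecurityGroups.member.{i}"] = gid
    return params

def local(tag):
    """Strip the XML namespace so matching does not depend on its URI."""
    return tag.rsplit("}", 1)[-1]

def assigned_groups(response_xml):
    """Extract the security group IDs returned by the operation."""
    root = ET.fromstring(response_xml)
    for el in root.iter():
        if local(el.tag) == "SecurityGroups":
            return [(m.text or "").strip() for m in el if local(m.tag) == "member"]
    return []

def verify(requested, response_xml):
    """True only if the returned groups are exactly the requested ones."""
    return set(assigned_groups(response_xml)) == set(requested)

# Constructed sample response, not captured from a real call.
SAMPLE_RESPONSE = """<ApplySecurityGroupsToLoadBalancerResponse xmlns="http://elasticloadbalancing.amazonaws.com/doc/2011-11-15/">
  <ApplySecurityGroupsToLoadBalancerResult>
    <SecurityGroups><member>sg-53fae93f</member></SecurityGroups>
  </ApplySecurityGroupsToLoadBalancerResult>
</ApplySecurityGroupsToLoadBalancerResponse>"""

if __name__ == "__main__":
    print(urlencode(build_params("MyVPCLoadBalancer", ["sg-53fae93f"])))
    print("verified:", verify(["sg-53fae93f"], SAMPLE_RESPONSE))
```

Running the same comparison after every change catches a load balancer that ended up with a different set of groups than the one intended.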

Using the Command Line Interface

To assign a security group to your existing load balancer in Amazon VPC

Enter the command elb-apply-security-groups-to-lb as in the following example.

PROMPT>elb-apply-security-groups-to-lb MyVPCLoadBalancer --groups sg-53fae93f

The operation returns the security group ID of the assigned security group.

For detailed descriptions of the Elastic Load Balancing commands, see the Elastic Load Balancing Quick Reference Card.