The Amazon SDK for Java 1.x has entered maintenance mode as of July 31, 2024,
and will reach end-of-support
Working with Security Groups in Amazon EC2
Creating a Security Group
To create a security group, call the AmazonEC2Client’s createSecurityGroup method with a CreateSecurityGroupRequest that contains the security group’s name.
Imports
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2ClientBuilder;
import com.amazonaws.services.ec2.model.CreateSecurityGroupRequest;
import com.amazonaws.services.ec2.model.CreateSecurityGroupResult;
Code
final AmazonEC2 ec2 = AmazonEC2ClientBuilder.defaultClient();

// group_name, group_desc and vpc_id are Strings supplied by the caller.
CreateSecurityGroupRequest create_request = new CreateSecurityGroupRequest()
    .withGroupName(group_name)
    .withDescription(group_desc)
    .withVpcId(vpc_id);

CreateSecurityGroupResult create_response =
    ec2.createSecurityGroup(create_request);
See the complete example
Configuring a Security Group
A security group can control both inbound (ingress) and outbound (egress) traffic to your Amazon EC2 instances.
To add ingress rules to your security group, use the AmazonEC2Client’s authorizeSecurityGroupIngress method, providing the name of the security group and the access rules (IpPermission) you want to assign to it within an AuthorizeSecurityGroupIngressRequest object. The following example shows how to add IP permissions to a security group.
Imports
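import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2ClientBuilder;
import com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest;
import com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressResult;
import com.amazonaws.services.ec2.model.IpPermission;
import com.amazonaws.services.ec2.model.IpRange;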
Code
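// 0.0.0.0/0 matches every IPv4 address, so both rules below accept
// connections from anywhere.
IpRange ip_range = new IpRange()
    .withCidrIp("0.0.0.0/0");

// HTTP (TCP port 80)
IpPermission ip_perm = new IpPermission()
    .withIpProtocol("tcp")
    .withToPort(80)
    .withFromPort(80)
    .withIpv4Ranges(ip_range);

// SSH (TCP port 22); outside a demo, use a narrower source range here.
IpPermission ip_perm2 = new IpPermission()
    .withIpProtocol("tcp")
    .withToPort(22)
    .withFromPort(22)
    .withIpv4Ranges(ip_range);

// Selecting the group by name works only for the default VPC; a group in
// a nondefault VPC must be selected with withGroupId(...).
AuthorizeSecurityGroupIngressRequest auth_request = new AuthorizeSecurityGroupIngressRequest()
    .withGroupName(group_name)
    .withIpPermissions(ip_perm, ip_perm2);

// ec2 is the AmazonEC2 client created in the previous section.
AuthorizeSecurityGroupIngressResult auth_response =
    ec2.authorizeSecurityGroupIngress(auth_request);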
To add an egress rule to the security group, provide similar data in an AuthorizeSecurityGroupEgressRequest to the AmazonEC2Client’s authorizeSecurityGroupEgress method.
See the complete example
Describing Security Groups
To describe your security groups or get information about them, call the AmazonEC2Client’s describeSecurityGroups method. It returns a DescribeSecurityGroupsResult that you can use to access the list of security groups by calling its getSecurityGroups method, which returns a list of SecurityGroup objects.
Imports
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2ClientBuilder;
import com.amazonaws.services.ec2.model.DescribeSecurityGroupsRequest;
import com.amazonaws.services.ec2.model.DescribeSecurityGroupsResult;
Code
final String USAGE =
    "To run this example, supply a group id\n" +
    "Ex: DescribeSecurityGroups <group-id>\n";

if (args.length != 1) {
    System.out.println(USAGE);
    System.exit(1);
}

String group_id = args[0];
See the complete example
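Added example, not part of the original AWS documentation: one way to use the SecurityGroup objects returned by getSecurityGroups to flag ingress rules that are open to any address on ports outside an allowed set. The class name AuditOpenIngress, the PUBLIC_PORTS allow-list and the sample group sg-EXAMPLE are assumptions constructed for illustration; the sample mirrors the ingress rules added earlier on this page so that it runs without AWS credentials.

```java
import com.amazonaws.services.ec2.model.IpPermission;
import com.amazonaws.services.ec2.model.IpRange;
import com.amazonaws.services.ec2.model.Ipv6Range;
import com.amazonaws.services.ec2.model.SecurityGroup;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

public class AuditOpenIngress {
    // Assumption for this example: only these ports may be reachable from any address.
    static final List<Integer> PUBLIC_PORTS = Arrays.asList(80, 443);

    // Returns one finding per ingress rule that is world-open on a port outside PUBLIC_PORTS.
    static List<String> findOpenIngress(List<SecurityGroup> groups) {
        List<String> findings = new ArrayList<>();
        for (SecurityGroup group : groups) {
            for (IpPermission perm : group.getIpPermissions()) {
                boolean world = false;
                for (IpRange r : perm.getIpv4Ranges()) world |= "0.0.0.0/0".equals(r.getCidrIp());
                for (Ipv6Range r : perm.getIpv6Ranges()) world |= "::/0".equals(r.getCidrIpv6());
                if (!world) continue;
                // Protocol "-1" means all traffic; such rules carry no port range.
                boolean allPorts = "-1".equals(perm.getIpProtocol()) || perm.getFromPort() == null;
                boolean onlyPublic = !allPorts && perm.getFromPort().equals(perm.getToPort())
                        && PUBLIC_PORTS.contains(perm.getFromPort());
                if (!onlyPublic) {
                    findings.add(String.format("%s (%s): %s %s open to any address",
                            group.getGroupId(), group.getGroupName(), perm.getIpProtocol(),
                            allPorts ? "all ports" : perm.getFromPort() + "-" + perm.getToPort()));
                }
            }
        }
        return findings;
    }

    public static void main(String[] args) {
        // Constructed sample group. Against a real account, pass the list returned by
        // ec2.describeSecurityGroups(request).getSecurityGroups() instead.
        IpRange any = new IpRange().withCidrIp("0.0.0.0/0");
        List<SecurityGroup> groups = Arrays.asList(
                new SecurityGroup().withGroupId("sg-EXAMPLE").withGroupName("demo").withIpPermissions(
                        new IpPermission().withIpProtocol("tcp").withFromPort(80).withToPort(80).withIpv4Ranges(any),
                        new IpPermission().withIpProtocol("tcp").withFromPort(22).withToPort(22).withIpv4Ranges(any)));
        findOpenIngress(groups).forEach(System.out::println);
    }
}
```

With the constructed sample, the port 80 rule passes and the port 22 rule is reported.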
Deleting a Security Group
To delete a security group, call the AmazonEC2Client’s deleteSecurityGroup method, passing it a DeleteSecurityGroupRequest that contains the ID of the security group to delete.
Imports
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2ClientBuilder;
import com.amazonaws.services.ec2.model.DeleteSecurityGroupRequest;
import com.amazonaws.services.ec2.model.DeleteSecurityGroupResult;
Code
final AmazonEC2 ec2 = AmazonEC2ClientBuilder.defaultClient();

DeleteSecurityGroupRequest request = new DeleteSecurityGroupRequest()
    .withGroupId(group_id);

DeleteSecurityGroupResult response = ec2.deleteSecurityGroup(request);
See the complete example
More Information
- Amazon EC2 Security Groups in the Amazon EC2 User Guide for Linux Instances
- Authorizing Inbound Traffic for Your Linux Instances in the Amazon EC2 User Guide for Linux Instances
- CreateSecurityGroup in the Amazon EC2 API Reference
- DescribeSecurityGroups in the Amazon EC2 API Reference
- DeleteSecurityGroup in the Amazon EC2 API Reference
- AuthorizeSecurityGroupIngress in the Amazon EC2 API Reference