How to change an EC2 instance's security group
I have created a new EC2 instance. It got assigned the default security group. I want to change that security group. How?
Solution 1:
Unless the instance is in a VPC, security groups can only be chosen before you start your instance for the first time.
Only VPC instances can change security group. For information on VPC see here.
Solution 2:
Now you can change the security group of an EC2 instance from the web console itself.
Select an instance -> right click or click Actions -> Under Networking -> select Change Security Groups
Solution 3:
For instances launched without a VPC, the Security Group can only be specified at first launch, and cannot be changed afterwards, not even if the instance is stopped first.
For instances launched into a VPC, the group can be changed. However, not all instance types are supported in the VPC - for example, "micro" is not supported as of December 2011.
Solution 4:
According to the Amazon EC2 documentation, you can update the assigned security group.
After you launch an instance in EC2-Classic, you can't change its security groups. However, you can add rules to or remove rules from a security group, and those changes are automatically applied to all instances that are associated with the security group.
Solution 5:
There is a way to accomplish this for an EBS-backed instance in a non-VPC environment, but it's a little painful:
- Shutdown the server you want to change.
- Right click the server and select Create Image to make an AMI from it.
- Once the AMI has been created, right click on the AMI and select Launch Instance.
- Choose the new security group as part of provisioning a "new" server.
This only works for EBS-backed instances that persist beyond a stop/start cycle.