User guide
If you want to allow inbound traffic, create a security group and assign a rule to it that allows the ingress
that you want. Then associate the new security group with an Amazon EC2 instance. For more information,
see Authorize Security Group Ingress (p. 25).
To create an Amazon EC2 security group
1. Create and initialize a CreateSecurityGroupRequest instance. Use the withGroupName method to
set the security group name, and the withDescription method to set the security group description,
as follows:
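    import com.amazonaws.services.ec2.model.CreateSecurityGroupRequest;

    // Name and describe the new security group.
    CreateSecurityGroupRequest createSecurityGroupRequest =
        new CreateSecurityGroupRequest();
    createSecurityGroupRequest.withGroupName("JavaSecurityGroup")
        .withDescription("My Java Security Group");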
The security group name must be unique within the AWS region in which you initialize your Amazon
EC2 client. You must use US-ASCII characters for the security group name and description.
2. Pass the request object as a parameter to the createSecurityGroup method. The method returns a
CreateSecurityGroupResult object, as follows:
    // Send the request; an exception is thrown if the group name already exists.
    CreateSecurityGroupResult createSecurityGroupResult =
        amazonEC2Client.createSecurityGroup(createSecurityGroupRequest);
You can create up to 500 security groups per AWS account.
If you attempt to create a security group with the same name as an existing security group,
createSecurityGroup throws an exception.
Before starting an Amazon EC2 instance, you need to authorize security group ingress and create
a key pair so that you can log in to your instance.
For information about authorizing security group ingress, see Authorize Amazon EC2 Security Group
Ingress (p. 25).
For information about creating a key pair, see Create a Key Pair (p. 26).
For information about running your Amazon EC2 instance, see Run an Amazon EC2 Instance (p. 27).
Authorize Security Group Ingress
By default, a new security group does not allow any inbound traffic to your Amazon EC2 instance. To
allow inbound traffic, you must explicitly authorize security group ingress. You can authorize ingress for
individual IP addresses, for a range of IP addresses, for a specific protocol, and for TCP/UDP ports.
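The following is an added example, not code from this guide or from the SDK project. It creates the group and then authorizes ingress for one address, one protocol and one port instead of an open range, and it tolerates the duplicate errors that occur on a re-run. The class RestrictedSshIngress, the helper allowSshFrom and the address 203.0.113.10/32 are assumptions made for illustration; the SDK classes are those of the AWS SDK for Java 1.x.

```java
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2Client;
import com.amazonaws.services.ec2.model.AuthorizeSecurityGroupIngressRequest;
import com.amazonaws.services.ec2.model.CreateSecurityGroupRequest;
import com.amazonaws.services.ec2.model.IpPermission;

public class RestrictedSshIngress {
    // Hypothetical helper: create the group if it does not exist yet, then
    // allow SSH (TCP 22) from exactly one administrative CIDR.
    static void allowSshFrom(AmazonEC2 ec2, String groupName, String adminCidr) {
        // Refuse a /0 range so the rule cannot expose SSH to every address.
        if (adminCidr.endsWith("/0")) {
            throw new IllegalArgumentException("refusing open range " + adminCidr);
        }
        try {
            ec2.createSecurityGroup(new CreateSecurityGroupRequest()
                    .withGroupName(groupName)
                    .withDescription("SSH from admin host only"));
        } catch (AmazonServiceException e) {
            // A duplicate name is expected on re-runs; anything else is a real failure.
            if (!"InvalidGroup.Duplicate".equals(e.getErrorCode())) {
                throw e;
            }
        }
        // The new group denies all inbound traffic until a permission is authorized.
        IpPermission ssh = new IpPermission()
                .withIpProtocol("tcp")
                .withFromPort(22)
                .withToPort(22)
                .withIpRanges(adminCidr);
        try {
            ec2.authorizeSecurityGroupIngress(new AuthorizeSecurityGroupIngressRequest()
                    .withGroupName(groupName)
                    .withIpPermissions(ssh));
        } catch (AmazonServiceException e) {
            // The identical rule already being present is also fine on re-runs.
            if (!"InvalidPermission.Duplicate".equals(e.getErrorCode())) {
                throw e;
            }
        }
    }

    public static void main(String[] args) {
        // 203.0.113.10/32 is a documentation address, constructed as sample input.
        allowSshFrom(new AmazonEC2Client(), "JavaSecurityGroup", "203.0.113.10/32");
    }
}
```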
To authorize security group ingress
1. Create and initialize an IpPermission instance. Use the withIpRanges method to set the range of
IP addresses to authorize ingress for, and use the withIpProtocol method to set the IP protocol. Use
the withFromPort and withToPort methods to specify the range of ports to authorize ingress for, as
follows:
Version v1.0.0
AWS SDK for Java Developer Guide
Starting an Amazon EC2 Instance