User guide

ManualsBrandsAmazon ManualsComputer equipmentAWS SDK

• AWS Security Credentials in AWS General Reference

Now that you have configured your settings, you can get started using the code in the example.

Step 2: Setting Up a Security Group

A security group acts as a firewall that controls the traffic allowed in and out of a group of instances. By

default, an instance is started without any security group, which means that all incoming IP traffic, on any

TCP port will be denied. So, before submitting our Spot Request, we will set up a security group that

allows the necessary network traffic. For the purposes of this tutorial, we will create a new security group

called "GettingStarted" that allows Secure Shell (SSH) traffic from the IP address where you are running

your application from.To set up a new security group, you need to include or run the following code

sample that sets up the security group programmatically.

After we create an AmazonEC2 client object, we create a CreateSecurityGroupRequest object with

the name, "GettingStarted" and a description for the security group.Then we call the

ec2.createSecurityGroup API to create the group.

To enable access to the group, we create an ipPermission object with the IP address range set to the

CIDR representation of the subnet for the local computer; the "/10" suffix on the IP address indicates the

subnet for the specified IP address. We also configure the ipPermission object with the TCP protocol

and port 22 (SSH). The final step is to call ec2.authorizeSecurityGroupIngress with the name of

our security group and the ipPermission object.

// Retrieves the credentials from an AWSCredentials.properties file.

AWSCredentials credentials = null;

try {

5 credentials = new PropertiesCredentials(

GettingStartedApp.class.getResourceAsStream("AwsCredentials.proper

ties"));

} catch (IOException e1) {

System.out.println("Credentials were not properly entered into AwsCre

dentials.properties.");

System.out.println(e1.getMessage());

10 System.exit(-1);

}

// Create the AmazonEC2Client object so we can call various APIs.

AmazonEC2 ec2 = new AmazonEC2Client(credentials);

// Create a new security group.

try {

CreateSecurityGroupRequest securityGroupRequest = new CreateSecurity

GroupRequest("GettingStartedGroup", "Getting Started Security Group");

ec2.createSecurityGroup(securityGroupRequest);

20 } catch (AmazonServiceException ase) {

// Likely this means that the group is already created, so ignore.

System.out.println(ase.getMessage());

}

25 String ipAddr = "0.0.0.0/0";

// Get the IP of the current host, so that we can limit the Security

// Group by default to the ip range associated with your subnet.

try {

30 InetAddress addr = InetAddress.getLocalHost();

Version v1.0.0

AWS SDK for Java Developer Guide

Tutorial: Amazon EC2 Spot Instances