How can I add my own security group to my Elastic Beanstalk environment?

Last updated: 2019-10-02

I want to add my own security group to my AWS Elastic Beanstalk environment.

Short Description

By default, Elastic Beanstalk creates a security group for your environment, but you can also add your own security group to your environment. To do this, add one or more configuration files to a .ebextensions directory in your application deployment package. The .ebextensions make Elastic Beanstalk attach a pre-existing security group to your Auto Scaling group.

Resolution

1.    Use a pre-existing security group, or create a new security group.

2.    Note the name of your security group (For example, ebtest).

3.    Create a .ebextensions/ directory in your local application code directory.

Note: For more information, see Advanced Environment Customization with Configuration Files (.ebextensions).

4.    In the .ebextensions/ directory, create a file named securitygroup.config. See the following example:

option_settings:
  - namespace: aws:autoscaling:launchconfiguration
    option_name: SecurityGroups
    value: ebtest

5.    Deploy your code and the new .ebextensions/ directory together as a new application version to your Elastic Beanstalk environment.

After deployment, your security group is attached to your Amazon Elastic Compute Cloud (Amazon EC2) instances. Your environment is now successfully using your existing security group in addition to the default security group.

Note: If you use Amazon Virtual Private Cloud (Amazon VPC) with Elastic Beanstalk so that your instances are launched within a VPC, specify security group IDs instead of security group names.