How to change the name and description of an AWS EC2 security group?

Question

How do you change the name and description of a security group in AWS EC2?

My security group is named quick-start-1 (the default) and I want to change it to "HTTP, HTTPS and Limited SSH".

Can't even change the description! What stupidity is this, Amazon? — ADTC, Jan 03 '16 at 02:25

score 59 · Answer 1 · edited Mar 02 '21 at 16:24

59

You cannot rename a security group but you can copy it into a new one.

On the AWS console go to EC2 -> Security Groups -> Select the SG -> Click actions -> Copy to new.

Give it a name and description that suits your taste.

After that you can associate this security group with your instances (making it redundant with the old one).

Finally, dissociate the old security group from your instances (rules remains the same since the new SG is a copy) and delete the SG.

It is a little bit of work, but it does get the job done with no downtime.

edited Mar 02 '21 at 16:24

mikemaccana

3,370
5
25
29

answered Apr 10 '15 at 22:43

FlavioMuratore

591
4
2

2

...only works with VPC instances, "classic" instances can't do this. – Dan Pritts Jun 22 '15 at 15:12
This should be the accepted answer, not sure why anyone uses EC2 classic these days anyhow – Paul Grimshaw Mar 31 '16 at 09:56
Unfortunately, you're REQUIRED to change the name in this case. If you only want to change the description, you have to copy to a new one, update all references, delete the old one, and then do it all again with another copy with the original name. – James Jun 19 '17 at 22:53
1

Not to forget that you will also need to `grep` all your sources for usages of "old" security group and replace with ID/name of the new one (if you have some scripts for automation, etc.) – Tim Apr 13 '18 at 19:21
1

Best Answer for most folks/use cases. – Brian Wylie Oct 25 '18 at 17:36

score 39 · Accepted Answer · edited Mar 02 '21 at 16:21

39

It's not possible to rename a security group, by GUI or by API.

For VPC EC2 instances

You can dynamically assign security groups assigned to VPC EC2 instances. Create a new SG with the desired name and the same rules.

EC2 classic instances

It's not possible to change the security group that is assigned to EC2 classic instances.

If you must change the security group for an EC2 classic instance, then you need to:

Create an AMI from your instance, then
Launch a new copy of your instance from the AMI created in step #1, selecting the new security group at launch time.

edited Mar 02 '21 at 16:21

mikemaccana

3,370
5
25
29

answered Jan 07 '13 at 01:32

Matt Houser

10,053
1
28
28

15

Not entirely correct. If you use a VPC (and why wouldn't you) you can change assigned SGs dynamically. – EEAA Jan 07 '13 at 04:00
5

wonderful ridiculousness... – Jacob Thomason Mar 16 '14 at 10:04
3

You can choose to copy the security group. Then you are given the possibility to give the new security group a new name and a new description. – fredrik Jul 02 '14 at 07:14
One reason to not use a VPC is because you can't without starting up a new AWS account. :( – Dan Pritts Jun 22 '15 at 15:11
3

All AWS accounts can use VPC. – Matt Houser Jun 22 '15 at 15:37
1

The renaming can be done by copying an existing security group to a new one, changing instance security group to the latter and then removing the previous security group. – demisx Feb 07 '19 at 00:06
Note: In May of 2023, this is still the correct answer. Nothing has changed. – Craig S. Anderson May 17 '23 at 17:23

score 6 · Answer 3 · answered Jan 07 '13 at 01:09

6

You're not the first to want this, and you're not the first to be disappointed.

Also, you cant change security group memberships for an instance once launched. :-(

I'm 99% sure this cant be done via the web GUI. Maybe via API shenanigans, but if so i've never seen it. I've wanted it myself often enough.

answered Jan 07 '13 at 01:09

Sirex

5,499
2
33
54

10

As mentioned above, if in a VPC, you can change security group assignments as needed at any time. It's only non-VPC instances that have this restriction. – EEAA Jan 07 '13 at 04:02
Yes, sorry I should have made that point. – Sirex Jan 07 '13 at 18:42

score 2 · Answer 4 · answered Aug 31 '22 at 04:06

2

2022's answer.

Actually, You cannot rename the SG name. You can follow the steps of FlavioMuratore's answer to copy the old group into a new one.

After that, you can Change SG like this

Right click your instance --> Security --> Change Security Group.

Then you can remove or add any SG as your needs without downtime.

answered Aug 31 '22 at 04:06

Nguyễn Văn Phong

129
2

This duplicates the existing, long-standing answers. – ceejayoz Aug 31 '22 at 04:35
1

I dont think so. I've provided the way to change SG after you clone the old one. – Nguyễn Văn Phong Aug 31 '22 at 06:07
The first answer says "You can dynamically assign security groups assigned to VPC EC2 instances"; the second says "After that you can associate this security group with your instances". – ceejayoz Aug 31 '22 at 16:30
1

For me, It's hard to find out a way to change SG. Furthermore, "An image worth a thousand words" @ceejayoz – Nguyễn Văn Phong Aug 31 '22 at 16:32
1

Why downvote a new contributor's answer that clearly adds new detail is beyond me? Thanks @NguyễnVănPhong, +1 from me. – LMSingh Oct 25 '22 at 23:46

How to change the name and description of an AWS EC2 security group?

4 Answers4

For VPC EC2 instances

EC2 classic instances

2022's answer.