Create security group in AWS using python

Question

How do I create a security group on AWS using python boto? What script do I use?

score 0 · Answer 1 · Jun 24, 2019

Hi @Faheem, try this script. It will let your instances be accessed from port 80 and 22.

import boto3
from botocore.exceptions import ClientError

ec2 = boto3.client('ec2')

response = ec2.describe_vpcs()
vpc_id = response.get('Vpcs', [{}])[0].get('VpcId', '')

try:
    response = ec2.create_security_group(GroupName='SECURITY_GROUP_NAME',
                                         Description='DESCRIPTION',
                                         VpcId=vpc_id)
    security_group_id = response['GroupId']
    print('Security Group Created %s in vpc %s.' % (security_group_id, vpc_id))

    data = ec2.authorize_security_group_ingress(
        GroupId=security_group_id,
        IpPermissions=[
            {'IpProtocol': 'tcp',
             'FromPort': 80,
             'ToPort': 80,
             'IpRanges': [{'CidrIp': '0.0.0.0/0'}]},
            {'IpProtocol': 'tcp',
             'FromPort': 22,
             'ToPort': 22,
             'IpRanges': [{'CidrIp': '0.0.0.0/0'}]}
        ])
    print('Ingress Successfully Set %s' % data)
except ClientError as e:
    print(e)

answered Jun 24, 2019 by Yamini

Hi @Faheem,

create a security group on AWS using the Python Boto library, you can use the following script:

```python
import boto.ec2

# Connect to AWS using your credentials
conn = boto.ec2.connect_to_region('your_region', aws_access_key_id='your_access_key', aws_secret_access_key='your_secret_key')

# Create a new security group
security_group = conn.create_security_group('my-security-group', 'My Security Group Description')

# Add inbound rules to the security group
security_group.authorize('tcp', 80, 80, '0.0.0.0/0') # Example rule to allow incoming HTTP traffic

# Print the created security group ID
print("Security group ID:", security_group.id)
```

Make sure to replace `'your_region'`, `'your_access_key'`, and `'your_secret_key'` with your actual AWS region and credentials. The example script creates a security group named `'my-security-group'` with a description. It also adds an inbound rule to allow incoming TCP traffic on port 80 (HTTP) from any IP address (`'0.0.0.0/0'`).

Ensure that you have the Boto library installed in your Python environment (`pip install boto`) before running the script. Also, make sure your AWS credentials have the necessary permissions to create security groups.

Note: The script uses the older version of Boto (Boto 2). For Boto 3, the code and API usage will be slightly different.