How can I add my own security group to my Elastic Beanstalk environment?

2 minute read

I want to add my own security group to my AWS Elastic Beanstalk environment.

Short description

By default, Elastic Beanstalk creates a security group for your environment. You can also add your own security group to your environment. To do this, add one or more configuration files to a .ebextensions directory in your application deployment package. The .ebextensions directory makes Elastic Beanstalk attach a pre-existing security group to your Auto Scaling group.


1.    Use an existing security group, or create a new security group.

2.    Note the name of your security group. For example, ebtest.

3.    Create a .ebextensions/ directory in your local application code directory.

Note: For more information, see Advanced environment customization with configuration files (.ebextensions).

4.    In the .ebextensions/ directory, create a file that's named securitygroup.config. See the following example:

option_settings:  - namespace: aws:autoscaling:launchconfiguration
    option_name: SecurityGroups
    value: ebtest

5.    Deploy your code and the new .ebextensions/ directory together as a new application version to your Elastic Beanstalk environment.

After deployment, your security group is attached to your Amazon Elastic Compute Cloud (Amazon EC2) instances. Your environment now uses both your existing security group and the default security group.

Note: To launch your instances within a virtual private cloud (VPC), you can use Amazon Virtual Private Cloud (Amazon VPC) with Elastic Beanstalk. Instead of security group names, specify security group IDs.

Related information

Elastic Beanstalk samples on the GitHub website

How do I use my own security group for my load balancer when I deploy an AWS Elastic Beanstalk application?

AWS OFFICIALUpdated 2 months ago