In Amazon EC2, how can I set/change the "security group name" and "description"

Question

In EC2 console, security groups are identified by an unreadable resource number of the form "sg-{lotsofhexdigits}", by an easily edited "Name" column but also by columns named "security group name" and "description".  Unfortunately, I cannot find any AWS console command, AWS console action or CloudShell command to change those latter columns to something meaningful for the AWS account.

AWS-User-4644975 · Accepted Answer

It seems that the only workaround is to use the "Copy to new Security Group" action, then filling in the desired name and description in the arguments to that command.  In some corner cases (e.g. copy to different VPC), this requires that you manually delete the "self-ref" rule during the copy command, then add it back manually once the copy has been assigned a number by AWS.

Andrew · Answer

What I find particulary odd is that many of the web uis will tell you what the "security group name" of the new group will be (eg launch-wizard-5) and yet they don't allow you to enter a meaningful name.

re:Post Agent · Answer

You're right that security groups in Amazon EC2 are identified by their ID (sg-xxxxxxxx), but they also have a name and description that can be more meaningful. However, there's a slight misunderstanding in your question.

The "Name" tag you're referring to is different from the "security group name". The "security group name" is actually set when you create the security group and cannot be changed after creation. The "Name" tag, on the other hand, can be edited at any time.

As for the description, you can indeed change it after the security group has been created. Here's how you can do it:

1. Using the AWS CLI:
   You can use the 'update-security-group-rule-descriptions-egress' or 'update-security-group-rule-descriptions-ingress' commands to update the description of egress or ingress rules respectively. However, these commands don't change the overall security group description.

2. Using the AWS Management Console:
   Unfortunately, there isn't a direct way to change the security group description through the console after creation.

3. Using AWS SDK or API:
   You can use the UpdateSecurityGroupRuleDescriptionsIngress and UpdateSecurityGroupRuleDescriptionsEgress API calls to update rule descriptions, but not the overall security group description.

It's important to note that if you need to change the security group name, you would need to create a new security group with the desired name and then associate your resources with this new security group.

To make your security groups more identifiable, it's a best practice to use meaningful names when creating them, and to use tags (including the "Name" tag) to add additional context and information. These tags can be easily edited at any time and can be used for better organization and identification of your security groups.  
**Sources**  
[Change the security groups for your Amazon EC2 instance - Amazon Elastic Compute Cloud](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/changing-security-group.html)  
[Use CreateSecurityGroup with an AWS SDK or CLI - Amazon Elastic Compute Cloud](https://docs.aws.amazon.com/ec2/latest/devguide/example_ec2_CreateSecurityGroup_section.html)  
[Use CreateSecurityGroup with an AWS SDK or CLI - AWS SDK Code Examples](https://docs.aws.amazon.com/code-library/latest/ug/ec2_example_ec2_CreateSecurityGroup_section.html)

In Amazon EC2, how can I set/change the "security group name" and "description"

Add your answer

Relevant content