It is not possible to change the security group that is assigned to an EC2 instance. In order to do this, the "accepted practice" is to launch a copy of your instance which has the new desired security group assigned.
To change the security group for an EC2 instance, you need to perform the following steps:
- Create an AMI image of the EC2 instance that you want to change. By default, creating an AMI image causes your EC2 instance to restart. Using command line options, you can avoid this restart. However, it is recommended to allow the restart to occur so that the file system is in a consistent state.
- Launch a new EC2 instance based on your newly created AMI image. You will want to copy the following values from your original instance:
- Instance type (micro, small, large, etc.)
- Availability Zone
- Kernel ID
- Subnet ID
- Ramdisk ID
- Simple or detailed monitoring
- Security key name
- User data
- Shutdown behaviour
- Verify that your new instance is working correctly.
- Transfer over your Elastic IP address if you have one assigned to your original instance.
- Delete the AMI image.
- Delete the snapshots created for the AMI image.
- Delete the original EC2 instance.
The above procedure is a long one with much data to copy to your new instance simply to change the security group.
Skeddly can duplicate your EC2 instance for you, while changing the security group. Create An Action