
Is there a way to add a description for AWS Security Group rules

I now have 5 different security groups, which I have tried to organize as best I can.

I sometimes need to open SSH access to some instances depending on what location I am in, so I add the rules from my current IP for inbound port 22. I can get in fine, but in order to keep things tidy I would like to be able to specify that this IP is from Glasgow's office, this one's from London, NY etc., but I cannot see a way of putting in that little bit of extra information.

We're several guys updating a security group, and after a while some are forgetting to remove the temporary rules, which can become a bit messy and make things difficult when we want to clean the security group and remove those temporary rules whilst keeping the permanent ones.

I cannot see anything in the docs that would allow me to add this little description beside each rule; did I miss something?

Arnaud Bouchot asked Aug 09 '16 11:08


2 Answers

The answer to this question has recently changed.

Security group rules now have a Description field

AWS Announcement (August 31st, 2017) https://aws.amazon.com/about-aws/whats-new/2017/08/simplify-management-of-security-groups-with-security-group-rule-descriptions/

Amazon EC2 now allows customers to add a short description to individual security group rules. Using this functionality, customers can add details like when and why a certain security group rule was created or updated. This functionality simplifies management of security groups as customers no longer need to track this information using spreadsheets or documents.

Antonio O. answered Oct 20 '22 08:10
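
One way to use the per-rule Description field for the cleanup the question describes, shown as an added example that is not part of the answer or of AWS's announcement. It assumes a hypothetical team convention of `perm:` / `temp:` prefixes with an `expires=YYYY-MM-DD` marker, runs over a constructed sample in the shape returned by `aws ec2 describe-security-groups`, and checks only IPv4 `IpRanges` entries.

```python
import json
import re
from datetime import date

# Constructed sample (documentation IP ranges, placeholder group ID).
SAMPLE = json.loads("""
{"SecurityGroups": [{
  "GroupId": "sg-0123456789abcdef0",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [
      {"CidrIp": "198.51.100.7/32", "Description": "perm: Glasgow office"},
      {"CidrIp": "203.0.113.25/32", "Description": "temp: London office expires=2017-09-15"},
      {"CidrIp": "192.0.2.44/32", "Description": "temp: NY office expires=2017-12-01"},
      {"CidrIp": "203.0.113.99/32"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [
      {"CidrIp": "0.0.0.0/0", "Description": "perm: public HTTPS"}]}
  ]}]}
""")

# Hypothetical convention: temporary rules carry an expiry date in the description.
EXPIRES = re.compile(r"\bexpires=(\d{4})-(\d{2})-(\d{2})\b")

def audit(response, today):
    """Return (group_id, cidr, (from_port, to_port), finding) for rules needing cleanup."""
    findings = []
    for group in response["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            ports = (perm.get("FromPort"), perm.get("ToPort"))
            for rng in perm.get("IpRanges", []):
                desc = rng.get("Description", "").strip()
                if not desc:
                    finding = "no description"  # nobody can tell who added it or why
                elif desc.startswith("temp:"):
                    m = EXPIRES.search(desc)
                    if m is None:
                        finding = "temporary rule without expiry"
                    elif date(*map(int, m.groups())) < today:
                        finding = "expired temporary rule"
                    else:
                        continue  # temporary but still within its window
                else:
                    continue  # permanent, described rule
                findings.append((group["GroupId"], rng["CidrIp"], ports, finding))
    return findings

if __name__ == "__main__":
    for row in audit(SAMPLE, date(2017, 10, 1)):
        print(row)
```
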


No, you did not miss something, but there is no way to add a description to the IPs in the security group. Another way you can arrange this is to create one master security group for the resource and multiple security groups named after your offices, and attach those to the master security groups. You will also have to maintain separate documents for the IP addresses.

error2007s answered Oct 20 '22 07:10