Remove EC2 default security group

I set up a new region in EC2 and created a VPC network as well. The previous region was created by an offshore company and in the setup, the only security groups that I can see are from VPC. Security groups don't have a selection of EC2 and VPC as I'm only seeing one default.

In the second region, I see two defaults and a dropdown that lets me select/create security groups in both EC2 and VPC.

I can't seem to figure out how to remove the default security group in EC2. It says "The security group 'default' is reserved". Somehow this offshore team was able to do it in the other region. I tried from the CLI and got the same error message.

nocode asked Oct 07 '13 16:10


People also ask

How do I remove AWS default security group?

You can't delete a default security group. But, you can change the default security group's rules. For more information, see Default security groups for your VPCs.

How do I remove a security group in EC2 instance?

In the navigation pane, choose Instances. Select your instance, and then choose Actions, Security, Change security groups. For Associated security groups, select a security group from the list and choose Add security group. To remove an already associated security group, choose Remove for that security group.

What is the default security group in EC2?

A default security group is named "default", and it has an ID assigned by AWS. The following table describes the default rules for a default security group. Allows inbound traffic from network interfaces and instances that are assigned to the same security group. Allows all outbound IPv4 traffic.

Can we delete the default NACL in AWS?

When you create a VPC, AWS automatically creates a default NACL for it. You can add and remove rules from a default NACL, but you can't delete the NACL itself.


1 Answer

You cannot delete that Security Group.

The reason for the difference between your two Regions is that one has been configured for both EC2 and VPC (most probably the US-East-1 Region) and the other is only configured for "VPC". The available options can be viewed in the top-right corner of your EC2 Dashboard page under "Account Attributes / Supported Platforms".

VPC refers to Virtual Private Cloud, which allows you to configure your own private network configurations. It is the default now for all Regions.

EC2 (commonly known as EC2-Classic) pre-dates VPC and uses a shared network space for all AWS customers. It has been progressively phased out.

So, it would appear that your "previous region" has only VPC, while your "second region" (probably US-East-1) has both. The Default Security Group that you are trying to delete is part of EC2-Classic, and you cannot delete it. It isn't in your "previous region" because that region is not enabled for EC2-Classic.

Documentation on EC2-Classic vs EC2-VPC: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html

John Rotenstein answered Oct 25 '22 17:10
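
The platform check described in the answer above, as an added example that is not part of the original answer: it reads the supported-platforms attribute and, because a default group is reserved and cannot be deleted, lists the `revoke` commands that would empty its rules instead. The JSON samples, group IDs, VPC ID and account ID are constructed, and the function names are hypothetical.

```python
import json
import shlex

# Constructed sample outputs (not real account data) in the shape returned by
# `aws ec2 describe-account-attributes --attribute-names supported-platforms`
# and `aws ec2 describe-security-groups --filters Name=group-name,Values=default`.
ACCOUNT_ATTRS = {"AccountAttributes": [{
    "AttributeName": "supported-platforms",
    "AttributeValues": [{"AttributeValue": "EC2"}, {"AttributeValue": "VPC"}]}]}

SELF_RULE = {"IpProtocol": "-1", "IpRanges": [],
             "UserIdGroupPairs": [{"GroupId": "sg-0aaa1111", "UserId": "111122223333"}]}
SECURITY_GROUPS = {"SecurityGroups": [
    {"GroupName": "default", "GroupId": "sg-0aaa1111", "VpcId": "vpc-0123abcd",
     "IpPermissions": [SELF_RULE],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                              "UserIdGroupPairs": []}]},
    # No VpcId: this default group belongs to EC2-Classic.
    {"GroupName": "default", "GroupId": "sg-0bbb2222",
     "IpPermissions": [], "IpPermissionsEgress": []},
]}


def supported_platforms(attrs):
    """Return the platform set, e.g. {"EC2", "VPC"} or {"VPC"}."""
    for attr in attrs["AccountAttributes"]:
        if attr["AttributeName"] == "supported-platforms":
            return {v["AttributeValue"] for v in attr["AttributeValues"]}
    return set()


def audit_default_groups(groups):
    """For each 'default' group, report its platform and the revoke commands
    that empty it (the group itself is reserved and cannot be deleted)."""
    report = []
    for sg in groups["SecurityGroups"]:
        if sg["GroupName"] != "default":
            continue
        cmds = []
        for direction, key in (("ingress", "IpPermissions"), ("egress", "IpPermissionsEgress")):
            if sg.get(key):
                cmds.append("aws ec2 revoke-security-group-%s --group-id %s --ip-permissions %s"
                            % (direction, sg["GroupId"], shlex.quote(json.dumps(sg[key]))))
        report.append({"id": sg["GroupId"],
                       "platform": "VPC" if sg.get("VpcId") else "EC2-Classic",
                       "revoke": cmds})
    return report
```

Removing the self-referencing ingress rule cuts traffic between any instances still attached to the default group, so move them to a purpose-built group before running the generated commands.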