Adds one or more ingress rules to a security group. This action applies to both EC2 security groups and
VPC security groups.
For EC2 security groups, this action gives one or more CIDR IP address ranges permission to access a
security group in your account, or gives one or more security groups (called the source groups) permission
to access a security group in your account. A source group can be in your own AWS account, or another.
For VPC security groups, this action gives one or more CIDR IP address ranges permission to access a
security group in your VPC, or gives one or more other security groups (called the source groups)
permission to access a security group in your VPC. The groups must all be in the same VPC.
Each rule consists of the protocol (e.g., TCP), plus either a CIDR range or a source group. For the TCP
and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you
must also specify the ICMP type and code.You can use -1 for the type or code to mean all types or all
codes.
Rule changes are propagated to instances within the security group as quickly as possible. However, a
small delay might occur.