How to add ICMP Echo Request to AWS Security Group from the CLI

The answer to this question is: you need to use --ip-permissions. There does not seem to be any other way to do it. Here is an example (all one line!):

aws ec2 authorize-security-group-ingress --group-id sg-000000000000000 --ip-permissions 'IpProtocol=icmp,FromPort=8,ToPort=-1,IpRanges=[{CidrIp=0.0.0.0/0}]'

The ICMP echo request is designated as type 8, code N/A. For ICMP rules, FromPort holds the ICMP type and ToPort holds the ICMP code. It was not obvious that in order to set code=N/A you must set ToPort to -1. Figuring this out took way longer than it should have taken.
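
The same rule generalised to any ICMP type and code, with the arguments checked before the CLI is called. This is an added example, not part of the original post; the function names are made up for illustration, and the two aws wrappers assume the AWS CLI and credentials are already configured.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from the original post).
# For IpProtocol=icmp the rule reuses the port fields:
#   FromPort = ICMP type, ToPort = ICMP code, -1 = "all".

# is_icmp_num VALUE: succeeds if VALUE is -1 or an integer 0..255.
is_icmp_num() {
    case "$1" in
        -1) return 0 ;;
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 3 ] && [ "$1" -le 255 ]
}

# icmp_permission TYPE CODE CIDR: print the --ip-permissions shorthand, or fail.
icmp_permission() {
    icmp_type=$1 icmp_code=$2 cidr=$3
    is_icmp_num "$icmp_type" || { echo "bad ICMP type: $icmp_type" >&2; return 1; }
    is_icmp_num "$icmp_code" || { echo "bad ICMP code: $icmp_code" >&2; return 1; }
    # The API requires ToPort=-1 (all codes) when FromPort=-1 (all types).
    if [ "$icmp_type" = "-1" ] && [ "$icmp_code" != "-1" ]; then
        echo "type -1 requires code -1" >&2; return 1
    fi
    case "$cidr" in
        */*) ;;
        *) echo "CIDR needs a prefix length: $cidr" >&2; return 1 ;;
    esac
    printf 'IpProtocol=icmp,FromPort=%s,ToPort=%s,IpRanges=[{CidrIp=%s}]\n' \
        "$icmp_type" "$icmp_code" "$cidr"
}

# allow_icmp GROUP_ID TYPE CODE CIDR: add the ingress rule to the group.
allow_icmp() {
    perm=$(icmp_permission "$2" "$3" "$4") || return 1
    aws ec2 authorize-security-group-ingress --group-id "$1" --ip-permissions "$perm"
}

# show_icmp_rules GROUP_ID: list the group's ICMP rules to confirm type and code.
show_icmp_rules() {
    aws ec2 describe-security-groups --group-ids "$1" \
        --query "SecurityGroups[].IpPermissions[?IpProtocol=='icmp']"
}
```

Calling allow_icmp sg-000000000000000 8 -1 203.0.113.0/24 adds the echo request rule for one source network (203.0.113.0/24 is a documentation range used here as a stand-in), and show_icmp_rules on the same group shows the stored FromPort and ToPort values.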
