Reputation: 4795
In AWS EC2, I started a Classic Load Balancer in front of an EC2 instance (the security group of the EC2 instance is launch-wizard-3).
I want to change the inbound rule of the security group of the EC2 instance. A security group for the Classic Load Balancer (its name is my-first-load-balancer-sg) was also created. When I change the source of an inbound rule of launch-wizard-3 to my-first-load-balancer-sg, the following error is shown:
You may not specify a referenced group id for an existing IPv4 CIDR rule.
The inbound rule is as follows:
(Type: HTTP, Protocol: TCP, Port range: 80, Source type: Custom, Source: my-first-load-balancer-sg (what I want to place))
I tried many times to solve it, but I couldn't.
Upvotes: 115
Views: 95515
Reputation: 185
The root cause of the problem is that the source of a security group rule can be either a CIDR block (0.0.0.0/0) or a security group ID (but not both at once).
So if a CIDR block is already added as the source of an SG rule, selecting an SG (and vice versa) gives the error, "You may not specify an IPv4 CIDR for an existing referenced group id rule."
What I expected is that clicking on this cross icon removes one type and we can select another type. But that's not how it works:
Instead, just delete that rule and then add a new rule to get rid of the error.
Upvotes: 8
Reputation: 1291
Delete your second default-created inbound rules and recreate new inbound rules.
Upvotes: 3
Reputation: 757
AWS Database security group configuration
Please follow the below process:
Upvotes: 4
Reputation: 99
Your new rule is conflicting with the existing rules, so modify the existing rule or delete and save and then create a new rule altogether.
Upvotes: 1
Reputation: 4795
I solved this by deleting the existing rule and creating a new rule.
Upvotes: 352
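Added example (not part of any post above): the delete-and-recreate fix from the answers, done with the AWS CLI instead of the console. It goes slightly beyond the answers by adding the group-referencing rule before revoking the CIDR rule, so port 80 is never left without a rule. The `sg-...` IDs are constructed placeholders, and `run`, `swap_rule_source` and `DRY_RUN` are hypothetical names.

```shell
#!/bin/sh
# Added example: replace a CIDR-sourced ingress rule with one whose source is
# the load balancer's security group. IDs used with it are placeholders.
set -eu

# run: execute the command, or only print it when DRY_RUN=1 (hypothetical switch).
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# swap_rule_source INSTANCE_SG LB_SG PORT OLD_CIDR
swap_rule_source() {
  instance_sg=$1; lb_sg=$2; port=$3; old_cidr=$4

  # The new source must be a group ID; refuse a CIDR passed by mistake.
  case $lb_sg in
    sg-*) ;;
    *) echo "LB_SG must be a security group ID (sg-...)" >&2; return 2 ;;
  esac

  # A rule's source is either a CIDR or a group ID, so the existing rule
  # cannot be edited in place. Add the group-referencing rule first...
  run aws ec2 authorize-security-group-ingress \
    --group-id "$instance_sg" --protocol tcp --port "$port" \
    --source-group "$lb_sg"

  # ...then remove the CIDR rule, leaving only traffic from the load balancer.
  run aws ec2 revoke-security-group-ingress \
    --group-id "$instance_sg" --protocol tcp --port "$port" \
    --cidr "$old_cidr"
}

# Runs only when the script is given all four arguments, e.g.:
#   DRY_RUN=1 ./swap.sh sg-0aaa sg-0bbb 80 0.0.0.0/0
if [ "$#" -eq 4 ]; then
  swap_rule_source "$@"
fi
```

Run it with `DRY_RUN=1` first to review the two commands before they touch the instance's security group.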