The most important part of the page is the Allowed ports and hosts table. Each row grants incoming network access to a range of ports using some protocol, such as TCP or UDP. To add a new port, select TCP from the Protocol column in a empty row, and enter the port number in the Start port field. To add a range of ports, enter a second number in the End port field in the new row.
By default, all hosts on the Internet are allowed to connect to the ports you open up. To restrict connections to selected hosts or networks, select Network/CIDR in the Hosts to allow column and enter a network address and CIDR size into the adjacent text box. For example, to allow the single host 76.102.155.133 you would enter 76.102.155.133/32. To allow an entire class C network, you could enter 76.102.155.0/24.
To grant access to all EC2 instances in a security group, fill in an empty row in the Allowed security groups. The first column is for selecting the EC2 account that owns the group, which will typically be your own. The second is for entering the group name to grant access.
When an existing security group is updated, the new port access rules will be immediately applied to all EC2 instances using that group. And they will be used by new systems created from now on in the group.