diff --git a/cicd/devnet/terraform/main.tf b/cicd/devnet/terraform/main.tf
index f0a4b16adf..7b38b0c9ae 100644
--- a/cicd/devnet/terraform/main.tf
+++ b/cicd/devnet/terraform/main.tf
@@ -75,4 +75,48 @@ resource "aws_route_table" "devnet_route_table" {
 resource "aws_route_table_association" "devnet_route_table_association" {
 subnet_id = aws_subnet.devnet_subnet.id
 route_table_id = aws_route_table.devnet_route_table.id
+}
+
+resource "aws_default_security_group" "devnet_xdcnode_security_group" {
+ vpc_id = aws_vpc.devnet_vpc.id
+
+ ingress {
+ from_port = 0
+ to_port = 0
+ protocol = -1
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ tags = {
+ Name = "TfDevnetNode"
+ }
+}
+
+resource "aws_security_group" "devnet_efs_security_group" {
+ name = "TfDevnetEfsSecurityGroup"
+ description = "Allow HTTP in and out of devnet EFS"
+ vpc_id = aws_vpc.devnet_vpc.id
+
+ ingress {
+ from_port = 2049
+ to_port = 2049
+ protocol = "TCP"
+ security_groups = [aws_default_security_group.devnet_xdcnode_security_group.id]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ tags = {
+ Name = "TfDevnetEfs"
+ }
 }
\ No newline at end of file
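Review bot: The ingress block of `aws_default_security_group.devnet_xdcnode_security_group` admits every port and protocol (`from_port = 0`, `to_port = 0`, `protocol = -1`) from `0.0.0.0/0`, so anything attached to the VPC default security group — and this resource rewrites the VPC default, not a dedicated group — is fully reachable from the internet, including any SSH or RPC listener on the nodes; restrict it to the ports the devnet nodes actually need and limit administrative ports to trusted CIDRs, or drop the `cidr_blocks` rule and allow only the EFS group and peer nodes by `security_groups`. The `protocol` value is written once unquoted (`-1`) and twice quoted (`"-1"`); use the quoted string form consistently, and `protocol = "TCP"` in the EFS ingress is presumably intended as the lowercase `"tcp"` the provider documents, which may otherwise show as a perpetual diff — worth confirming with a plan. The EFS group's `description = "Allow HTTP in and out of devnet EFS"` does not match its rule, which is NFS on TCP 2049; `description = "Allow NFS (2049) from devnet nodes to EFS"` would be accurate. The enclosing file continues outside the hunk.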