Add Security Group to EC2 instance using AWS CDK Python

I am trying to deploy an EC2 with the following properties:

        EC2securitygroup = ec2.CfnSecurityGroup(
          self,
          "EC2SecurityGroup",
          group_description="Security group for EC2",
          group_name="EC2-security-group",
          vpc_id="vpc-xxxxxxxxxxxxxxx",
          security_group_ingress=[............])
        instance = ec2.Instance(self, "EC2instance",
          instance_type=ec2.InstanceType("t2.micro"),
          machine_image=amzn_linux,
          vpc = vpc,
          role = role,
          security_group = EC2securitygroup
        )

but the output from "cdk synth" shows empty SecurityGroupIds.

EC2Instance770AAE32:
  Type: AWS::EC2::Instance
  Properties:
    AvailabilityZone: us-east-2a
    IamInstanceProfile:
      Ref: EC2InstanceInstanceProfile4A6C6689
    ImageId:
      Ref: SsmParameterValueawsserviceamiamazonlinuxlatestamzn2amihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter
    InstanceType: t2.micro
    SecurityGroupIds: []

How come the security group in the code was not being used?
BTW, I verified the security group was created but not being used by the EC2.

Can someone point out where I did wrong?
Thank you!

The security_group prop of the ec2.Instance constructor expects an ISecurityGroup and you're passing a CfnSecurityGroup, so I'm not sure how this even synthed. Use the ec2.SecurityGroup construct instead.