Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Practical AWS Networking

You're reading from   Practical AWS Networking Build and manage complex networks using services such as Amazon VPC, Elastic Load Balancing, Direct Connect, and Amazon Route 53

Arrow left icon
Product type Paperback
Published in Jan 2018
Publisher
ISBN-13 9781788398299
Length 258 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Mitesh Soni Mitesh Soni
Author Profile Icon Mitesh Soni
Mitesh Soni
Arrow right icon
View More author details
Toc

Security groups

A security group is a virtual firewall. It manages the traffic flow from and to AWS instances. It is easy to associate security group with instances in AWS as you can do it while creating an instance. You can assign up to five security groups at the time of launching instance or after launching the instance too. Each security group can serve one or more instances. Security groups are associated with the primary network interface (eth0) of an instance.

Each AWS account comes with a default security group for each VPC and for each region. By default, instances are associated with default security group. Default security group can't be deleted, and it allows all inbound traffic from other instances associated with the default security group and all outbound traffic from the instance.

There are some differences between security groups for EC2-Classic and EC2-VPC, and to know about them, visit: http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html#VPC_Security_Group_Differences.

Let's try to create a security group and see what exactly can be done.

  1. Go to EC2 or VPC dashboard Network & Security | Security Groups  click on Create Security Group.
  2. Provide security group name and select VPC to which the security group belongs.
  3. You need to configure security rules for inbound and outbound traffic, and based on this, traffic is controlled with the use of security group in AWS.  By default, a security group includes an outbound rule that allows all outbound traffic:
  1. Click on Add Rule and select Type, Protocol, Port Range, Source, and Description.
  2. You can create one or multiple rules based on the requirements.
  1. Click on Create and verify the security group in EC2 Dashboard or VPC Dashboard.

If the instance or the web server is not accessible using the putty or browser, then the first step to troubleshoot the issue is to figure out whether everything is fine with the security group and whether the appropriate rules are configured or not.

If you change the inbound or outbound traffic rules, then it will be applied to the instances immediately.

You have been reading a chapter from
Practical AWS Networking
Published in: Jan 2018
Publisher:
ISBN-13: 9781788398299
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image