A security group acts as a virtual firewall that controls the traffic for one or more instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group.
- We can create a security group with certain rules and apply one security group to multiple servers.
- Each account will have a default security group created.
- By default, security groups allow all outbound traffic.
To create a new security group using the console
- Open the Amazon EC2 dashboard
- In the left navigation pane, choose Security Groups and Create Security Group.
- Specify a name and description for the security group.
- You can start adding rules once it is created.
- Each security group has description, inbound, outbound and tags information at the bottom, which displays the necessary details.
- Description – the name, ID, description and VPC ID are shown.
- Inbound – which ports are open for connecting to the server
- Outbound – what other servers an instance can connect to, and how
- To update a security group, choose the instance and click on Actions -> Edit Inbound Rules / Edit Outbound Rules.
Troubleshooting the connection issues
- To check whether a port can be reached or not, we can use Telnet.
- To connect with Telnet, we can use the command below
telnet <public_DNS> <port_number>