Using security groups to secure EC2 instances

A security group acts as a virtual firewall that controls the traffic for one or more instances. You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group.

  • We can create a security group with certain rules and apply one security group to multiple servers.
  • Each account will have a default security group created.
  • By default, security groups allow all outbound traffic.

To create a new security group using the console

  • Open the Amazon EC2 dashboard.
  • In the left navigation pane, choose Security Groups and Create Security Group.
  • Specify a name and description for the security group.
  • You can start adding rules once it is created.
  • Each security group has Description, Inbound, Outbound and Tags tabs at the bottom, which display the following information:
    • Description – name, id, description and VPC id information will be shown.
    • Inbound – which ports are open for connections to the server.
    • Outbound – where and how an instance can connect to other servers.
    • To update a security group, choose the instance and click on Actions–>Edit Inbound Rules/Edit Outbound Rules.

Troubleshooting the connection issues

  • To check whether a port on the instance can be reached, we can use Telnet.
  • To connect with telnet, use the command below:
telnet <public_DNS> <port_number>
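
The same check can be scripted so that the result points at what to fix. The following is an added example, not part of the original article: it makes the same TCP connection attempt as the telnet command and separates a timeout (packets dropped, which is what a missing inbound rule looks like) from a refused connection (traffic reached the instance but nothing accepted it). The script name check_port.py, the function names and the hint wording are assumptions made for this example.

```python
import socket
import sys

# What each outcome usually means for an EC2 instance behind a security group.
HINTS = {
    "open": "Connected: an inbound rule allows this port from your address "
            "and a service is listening.",
    "timeout": "No reply before the timeout: packets are probably being dropped. "
               "Check the security group's inbound rules for this port and source.",
    "refused": "The instance answered and rejected the connection: traffic is "
               "reaching it, so check that the service is running on this port.",
    "dns_error": "The name did not resolve: check the public DNS name.",
    "error": "Other network error: check routing and local connectivity.",
}


def check_port(host, port, timeout=5.0):
    """Attempt one TCP connection and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except socket.gaierror:
        return "dns_error"
    except OSError:
        return "error"


def diagnose(host, port, timeout=5.0):
    """Return (status, hint) for host:port."""
    status = check_port(host, port, timeout)
    return status, HINTS[status]


if __name__ == "__main__":
    # Usage: python check_port.py <public_DNS> <port_number>
    if len(sys.argv) != 3:
        sys.exit("usage: check_port.py <public_DNS> <port_number>")
    status, hint = diagnose(sys.argv[1], int(sys.argv[2]))
    print(f"{sys.argv[1]}:{sys.argv[2]} -> {status}")
    print(hint)
```

A timeout can also come from a network ACL, a routing problem or a firewall on the instance itself, so treat the security group as the first place to look rather than the only one.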