- Practical AWS Networking
- Mitesh Soni
- 2021-07-02 19:25:21
Security groups
A security group is a virtual firewall. It manages the traffic flow from and to AWS instances. It is easy to associate a security group with instances in AWS, as you can do this while creating an instance. You can assign up to five security groups when you launch an instance or afterwards. Each security group can serve one or more instances. Security groups are associated with the primary network interface (eth0) of an instance.
Each AWS account comes with a default security group for each VPC and each region. By default, instances are associated with the default security group. The default security group can't be deleted. It allows all inbound traffic from other instances associated with the default security group and all outbound traffic from the instance.
There are some differences between security groups for EC2-Classic and EC2-VPC. You can find out more at http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html#VPC_Security_Group_Differences.
Let's try and create a security group and look at what we can do:
- Go to the EC2 or VPC dashboard via Network & Security | Security Groups and click on Create Security Group.
- Provide a Security group name and select the VPC that the security group belongs to.
- You need to configure security rules for inbound and outbound traffic. Based on these rules, traffic is controlled with the use of a security group in AWS. By default, a security group includes an outbound rule that allows all outbound traffic.
- Click on Add Rule and select Type, Protocol, Port Range, Source, and Description.
- You can create one or multiple rules based on your requirements.
- Click on Create and verify the security group in the EC2 Dashboard or VPC Dashboard.
If the instance or the web server is not accessible via PuTTY or a web browser, then you need to troubleshoot the issue. To do this, you need to figure out whether everything is fine with the security group and whether the appropriate rules have been configured or not.
If you change the inbound or outbound traffic rules, then they will be applied to the instances immediately.
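The rule check described in the troubleshooting step above can be scripted. The following is an added example, not code from the book: it evaluates rules in the shape returned by `aws ec2 describe-security-groups`, using a constructed sample group (the group ID and CIDR ranges are made up). It assumes tcp/udp rules with IPv4 CIDR sources only; rules that reference other security groups are not evaluated.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# The group ID and CIDR ranges are illustrative, not taken from the book.
SAMPLE_GROUP = {
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24", "Description": "admin SSH"}]},
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "public HTTP"}]},
    ],
    # The default outbound rule: all protocols, all destinations.
    "IpPermissionsEgress": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}


def rule_matches(rule, protocol, port, peer_ip):
    """True if one rule covers this protocol, port and IPv4 peer address."""
    if rule["IpProtocol"] not in ("-1", protocol):  # "-1" means all protocols
        return False
    if rule["IpProtocol"] != "-1":
        # Port bounds only apply to protocol-specific (tcp/udp) rules.
        if not rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535):
            return False
    peer = ipaddress.ip_address(peer_ip)
    return any(peer in ipaddress.ip_network(r["CidrIp"])
               for r in rule.get("IpRanges", []))


def traffic_allowed(group, direction, protocol, port, peer_ip):
    """Security groups are allow-lists: traffic passes if any rule matches.
    direction is "IpPermissions" (inbound) or "IpPermissionsEgress" (outbound)."""
    return any(rule_matches(r, protocol, port, peer_ip) for r in group[direction])


def world_open_ports(group):
    """Inbound (FromPort, ToPort) ranges reachable from 0.0.0.0/0."""
    return [(r.get("FromPort"), r.get("ToPort"))
            for r in group["IpPermissions"]
            if any(x["CidrIp"] == "0.0.0.0/0" for x in r.get("IpRanges", []))]


if __name__ == "__main__":
    # An SSH client outside the admin range is rejected by the inbound rules.
    print(traffic_allowed(SAMPLE_GROUP, "IpPermissions", "tcp", 22, "198.51.100.7"))
    print(world_open_ports(SAMPLE_GROUP))
```

A failed SSH or browser connection that returns `False` here points at a missing or too-narrow inbound rule, while `world_open_ports` lists the rules worth reviewing for unintended public exposure.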