How to do it...

1. Log in to your AWS account and open the VPC Dashboard as shown in the earlier recipe.
2. Click on Security Group in the left menu bar under the Security menu. The default SG created with the default VPC and other VPCs that we created in Chapter 1, Getting Started with AWS Networking Components, appears on the screen. If you click on Inbound Rules and Outbound Rules, you will see that all traffic, with all protocols from all ports, is allowed. So effectively, the firewall is all open and traffic from any source, protocol, and port can connect to the resources in this SG:

1. Click on Create Security Group. The following window will open. Put in the required details and the  VPC with which you want to associate the SG. Click on Yes, Create:

1. You can now see the new SG. However, there is one important difference from the default SGs: there are no Inbound Rules defined. This means no traffic is allowed inside this SG:

1. Click on the Edit button under Inbound Rules. You can select the traffic type from the options. For now, put SSH. In the Source, you can mention any valid CIDR range, such as your corporate DC CIDR range. For now, put 0.0.0.0/0. You can also mention the security groups in the same VPC. You can add any additional inbound rules by clicking Add another rule and add HTTP, as shown. Click on the Save button:

1. You can see that the SG Inbound Rules has been saved successfully. Click on Outbound Rules. You can see that all outgoing traffic types to all ports and all destinations are allowed. For now, we are not modifying this. However, you can modify it if required:

1. You can delete a particular SG by selecting Delete Security Group from the security group actions: