Introduction

Security groups are essential for controlling traffic to and from your EC2 instances. In this session, we explored how to manage security groups, adjust inbound and outbound rules, and troubleshoot connectivity issues. This hands-on approach will help you secure your AWS infrastructure effectively.

1. Accessing Security Groups

Step 1: Viewing Security Groups

• In the EC2 Console, click on Security under the instance details.
• Alternatively, go to Networking & Security → Security Groups for a full view.

Step 2: Identifying Security Groups

• Each security group has a unique ID (e.g., sg-xxxxxxxx).
• By default, AWS creates:
  1. Default security group (applies when no custom groups are assigned).
  2. Launch wizard security group (automatically created during EC2 setup).

2. Managing Inbound and Outbound Rules

Inbound Rules (Controlling Incoming Traffic)

• Inbound rules define which traffic is allowed into the EC2 instance.

• Example of default inbound rules:

  Type	Protocol	Port Range	Source	Purpose
  SSH	TCP	22	0.0.0.0/0	Allows remote access
  HTTP	TCP	80	0.0.0.0/0	Allows web traffic

• If port 80 (HTTP) is removed, accessing the website will timeout.

• Troubleshooting tip: If you cannot connect to an EC2 instance and get a timeout, the issue is most likely a missing security group rule.

Editing Inbound Rules

1. Go to Security Groups → Select a security group.
2. Click Edit Inbound Rules.