Security Groups

  • Security Groups are the fundamental building block of network security in AWS

  • They control how traffic is allowed into or out of our EC2 Instances

  • Security Groups only contain 'allow' rules

  • Security Group rules can reference a source or destination by IP range (CIDR) or by another security group

  • Security Groups act as a firewall on EC2 instances

    • They regulate:

      • Access to ports

      • Authorised IP ranges - IPv4 and IPv6

      • Control of inbound network traffic

      • Control of outbound network traffic

  • Security Groups can be attached to multiple instances

  • Locked down to a region/VPC combination

  • Lives outside the EC2 Instance - if traffic is blocked the EC2 Instance won't see it

  • Good to maintain one separate security group for SSH access

  • If your application is not reachable and the connection times out, suspect the security group: a packet with no matching allow rule is dropped silently, so the client never gets a reply (a network ACL on the subnet drops traffic the same way, so check it too if the security group looks right)

  • If your application gives a "Connection Refused" error, the traffic got through the security group and the instance itself answered with a reset: the application is not running, or it is listening on a different port or interface

  • All inbound traffic is blocked by default (a new security group has no inbound rules)

  • All outbound traffic is authorised by default (a new security group has one outbound rule allowing everything)

  • Security Groups are stateful: the reply to a connection that was allowed in is allowed out, and vice versa, regardless of the rules in the other direction
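The rules above can be checked against concrete traffic with a small model of how a security group evaluates a packet. This is an added illustration written for these notes, not AWS code: the rule shape mirrors what the console and `aws ec2 describe-security-groups` show (protocol, port range, and a CIDR or a security-group id as the peer), and the groups `sg-web`, `sg-db`, `sg-ssh` and every address in them are constructed for the example.

```python
"""Toy model of EC2 security group evaluation (added example, not AWS code).

Demonstrates: allow-only rules, deny-by-default inbound, allow-all default
outbound, peers expressed as a CIDR (IPv4 or IPv6) or as another security
group, and the union of several groups attached to one instance.
All group ids and IP ranges below are made up for the example.
"""
import ipaddress
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp", "udp", "icmp" or "-1" (all protocols)
    from_port: int  # -1 means all ports
    to_port: int
    peer: str       # CIDR such as "203.0.113.0/24" or a group id such as "sg-web"


@dataclass
class SecurityGroup:
    group_id: str
    inbound: list = field(default_factory=list)   # new group: no inbound rules at all
    # New group: one outbound rule allowing every protocol to every destination.
    outbound: list = field(default_factory=lambda: [Rule("-1", -1, -1, "0.0.0.0/0")])


def _matches(rule, protocol, port, peer_ip, peer_groups):
    """True if this single allow rule covers the (protocol, port, peer) triple."""
    if rule.protocol not in ("-1", protocol):
        return False
    if rule.from_port != -1 and not (rule.from_port <= port <= rule.to_port):
        return False
    if rule.peer.startswith("sg-"):
        # Group reference: the peer matches if that group is attached to it,
        # whatever its IP address is (handy for web -> database rules).
        return rule.peer in peer_groups
    # ipaddress returns False when address and network are different IP versions,
    # so an IPv6 client never matches a 0.0.0.0/0 rule; it needs ::/0.
    return ipaddress.ip_address(peer_ip) in ipaddress.ip_network(rule.peer)


def is_allowed(sg, direction, protocol, port, peer_ip, peer_groups=frozenset()):
    """Security groups contain only allow rules: a packet is accepted if any rule
    matches and silently dropped otherwise. Empty inbound == deny all inbound."""
    rules = sg.inbound if direction == "inbound" else sg.outbound
    return any(_matches(r, protocol, port, peer_ip, peer_groups) for r in rules)


def instance_allows(groups, direction, protocol, port, peer_ip, peer_groups=frozenset()):
    """Several groups attached to one instance are evaluated as the union of
    their rules, which is why a separate SSH-only group composes cleanly."""
    return any(is_allowed(g, direction, protocol, port, peer_ip, peer_groups) for g in groups)


def client_symptom(groups, protocol, port, client_ip, client_groups=frozenset()):
    """What a client sees when the target port has no listener behind it:
    a silent drop by the security group looks like a timeout, while traffic
    that gets through is answered by the instance itself (connection refused)."""
    if instance_allows(groups, "inbound", protocol, port, client_ip, client_groups):
        return "reaches instance"
    return "timeout"


# Constructed sample groups (ids and ranges are made up).
SG_SSH = SecurityGroup("sg-ssh", inbound=[Rule("tcp", 22, 22, "203.0.113.0/24")])
SG_WEB = SecurityGroup("sg-web", inbound=[
    Rule("tcp", 80, 80, "0.0.0.0/0"), Rule("tcp", 443, 443, "0.0.0.0/0"),
    Rule("tcp", 80, 80, "::/0"), Rule("tcp", 443, 443, "::/0"),
])
SG_DB = SecurityGroup("sg-db", inbound=[Rule("tcp", 3306, 3306, "sg-web")])
WEB_INSTANCE = [SG_WEB, SG_SSH]

if __name__ == "__main__":
    print("HTTPS from the internet:", is_allowed(SG_WEB, "inbound", "tcp", 443, "198.51.100.7"))
    print("SSH from the internet:  ", client_symptom(WEB_INSTANCE, "tcp", 22, "198.51.100.7"))
    print("SSH from the admin range:", client_symptom(WEB_INSTANCE, "tcp", 22, "203.0.113.10"))
    print("MySQL from a web node:  ", is_allowed(SG_DB, "inbound", "tcp", 3306, "10.0.1.5", {"sg-web"}))
    print("MySQL from elsewhere:   ", is_allowed(SG_DB, "inbound", "tcp", 3306, "10.0.1.5"))
```

The `sg-db` group shows the by-group reference: it never names an IP, so web nodes can be replaced or autoscaled without touching the database rules. The real evaluation also has a stateful layer (replies to allowed flows are not re-checked) that this model leaves out.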

Ports

  • 22 = SSH (Secure Shell) - log into a Linux instance

  • 21 = FTP (File Transfer Protocol) - upload files into a file share; unencrypted, so credentials and data cross the network in cleartext

  • 22 = SFTP (SSH File Transfer Protocol) - upload files over an SSH session, which is why it shares port 22 with SSH

  • 80 = HTTP - access unencrypted websites

  • 443 - HTTPS - access secured websites

  • 3389 - RDP (Remote Desktop Protocol) - log into a Windows instance
