Security Group
A security group is a network security control that can be attached to an AWS service and acts as a firewall. Security groups control how traffic is allowed into the AWS service.
There are two parts that need to be defined to control traffic:
Inbound rule
Outbound rule
Inbound Rule
It is the rule that defines which traffic is allowed to access this service. By default, no traffic is allowed to access the AWS service.
Outbound Rule
It is the rule that defines which traffic the service is allowed to send outside. By default, the service is allowed to use any port to go outside.
Example
Remark
One security group can be attached to multiple instances
Locked down to a region (if you change the region, you need to create a new one)
It is a component that lives outside EC2 (if traffic is blocked, the EC2 instance won't see it)
If the application is not accessible (timeout error), it is a security group issue
If the application gives a connection refused error, it is an application error (not related to the security group)
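The timeout versus connection refused distinction in the remarks can be checked from a client machine. The script below is an added example, not part of the original notes; the function names and the file name sg_check.py are made up for illustration.

```python
import socket
import sys

# Meaning of each outcome, following the remarks above.
DIAGNOSIS = {
    "open": "Connected: the security group allows the traffic and the application is listening.",
    "timeout": "No reply before the timeout: traffic is being dropped before it reaches "
               "the instance. Check the security group inbound rules for this port and source.",
    "refused": "Connection refused: the traffic reached the instance, so the security group "
               "allowed it. Nothing is listening on the port (application issue).",
}


def classify_tcp(host, port, timeout=3.0):
    """Try one TCP connection and return 'open', 'timeout', 'refused' or 'error'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        # DNS failure, no route, etc.: not one of the two cases in the remarks.
        return "error"


def diagnose(host, port, timeout=3.0):
    """Return (outcome, explanation) for one host/port pair."""
    outcome = classify_tcp(host, port, timeout)
    return outcome, DIAGNOSIS.get(
        outcome, "Other network error (DNS, routing): not covered by these remarks.")


if __name__ == "__main__":
    # Usage: python sg_check.py <host> <port>   (file name is an example)
    if len(sys.argv) != 3:
        sys.exit("usage: sg_check.py <host> <port>")
    result, text = diagnose(sys.argv[1], int(sys.argv[2]))
    print(f"{sys.argv[1]}:{sys.argv[2]} -> {result}: {text}")
```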