Security Groups

Amazon Security Groups
- Security Groups are fundamental to network security in AWS
- They control how traffic is allowed in or out of our EC2 instances
- Security Groups only contain allow rules (as opposed to NACLs or AWS Network Firewall)
- Security Group rules can reference an IP or another Security Group
- Security Groups act as a “firewall” for EC2 instances
Security Groups scope
- Access to Ports
- Authorized IP ranges - IPv4 and IPv6
- Control inbound network
- Control outbound network
Security Groups principles
- Can be attached to multiple instances
- Locked down to a region / VPC combination
- Live “outside” the EC2 instance: if traffic is blocked, the EC2 instance won’t see it
- It’s good practice to maintain one separate SG for SSH access
- If the application is not accessible (timeout), then it’s a Security Group issue
- If the application gives a “connection refused” error, then it’s an application error or the application is not launched
- All inbound traffic is blocked by default
- All outbound traffic is allowed by default
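
The timeout versus “connection refused” rule in the list above can be checked from a client with a single TCP connect. This is an added example, not part of the original notes: `probe`, `classify` and `demo` are hypothetical names, and the demo uses constructed local ports on 127.0.0.1 rather than a real EC2 instance.

```python
import errno
import socket

# Verdict strings follow the rule of thumb from the notes above.
OPEN = "open: a rule allows the traffic and the application is listening"
REFUSED = "connection refused: traffic reached the host; application error or not launched"
TIMEOUT = "timeout: no reply at all; check the Security Group inbound rules"


def classify(exc):
    """Map the exception raised by a failed TCP connect to a verdict."""
    if isinstance(exc, ConnectionRefusedError):
        return REFUSED  # the host answered with a TCP reset
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return TIMEOUT  # the SYN was silently dropped before reaching the host
    if isinstance(exc, OSError) and exc.errno == errno.ETIMEDOUT:
        return TIMEOUT
    return f"other error: {exc}"


def probe(host, port, timeout=3.0):
    """Attempt one TCP handshake and return a verdict string."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return OPEN
    except OSError as exc:
        return classify(exc)


def demo():
    """Constructed local demo: one listening port and one closed port."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # port 0: the OS picks a free port
    listener.listen(1)
    open_port = listener.getsockname()[1]

    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()  # nothing listens on this port now

    try:
        return probe("127.0.0.1", open_port), probe("127.0.0.1", closed_port)
    finally:
        listener.close()


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

Against a real instance, call `probe` with the instance's public IP or DNS name and the application port.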
» Sources «
Rahul’s full AWS course on YouTube: https://www.youtube.com/playlist?list=PL7iMyoQPMtAN4xl6oWzafqJebfay7K8KP
» Disclaimer «
This series draws heavily from Stephane Maarek’s Ultimate AWS Certified Cloud Practitioner course on Udemy.
His content was instrumental in helping me pass the certification.