Security Groups
A virtual firewall that controls inbound and outbound traffic for AWS resources.
Description
In the Amazon Web Services (AWS) ecosystem, Security Groups act as virtual firewalls that manage the traffic to and from your AWS resources, such as EC2 instances. Each security group is composed of a set of rules that define allowed inbound and outbound traffic; the rules are allow rules only, so traffic that matches no rule is dropped. When you launch an instance, you must associate it with a security group, which dictates the network access for that instance. Security groups operate at the instance level, meaning that rules apply to the instances they're associated with, rather than to the entire network. They are stateful: if you allow an incoming request from an IP address, the response is automatically allowed back out, regardless of outbound rules. This makes them flexible for managing access in cloud environments. Security groups can be modified at any time, and changes are applied immediately, which is useful in dynamic environments where resource requirements change quickly.
Examples
- A web server in an EC2 instance can have a security group allowing HTTP (port 80) and HTTPS (port 443) traffic from anywhere, while restricting all other traffic.
- A database server can be configured with a security group that permits incoming traffic only from specific IP addresses or another security group associated with application servers.
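The two examples above, plus the stateful behaviour from the description, modelled offline as an added example (this is illustrative code, not an AWS tool or SDK call): the rule dictionaries follow the IpPermissions shape that the EC2 API returns from describe_security_groups, the group IDs ending in PLACEHOLDER are made up, and the evaluator and audit function are this page's own constructions rather than AWS behaviour verbatim.

```python
"""Offline model of security-group semantics: allow-list rules, a rule whose
source is another security group, stateful return traffic, and an audit that
flags ports reachable from the whole internet. Constructed example; no AWS call
is made and all sg-*-PLACEHOLDER identifiers are placeholders."""
from ipaddress import ip_address, ip_network

WEB_SG = {
    "GroupId": "sg-web-PLACEHOLDER",
    "IpPermissions": [  # inbound: HTTP and HTTPS from anywhere, nothing else
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ],
    "IpPermissionsEgress": [],  # deliberately empty to show stateful replies below
}

DB_SG = {
    "GroupId": "sg-db-PLACEHOLDER",
    "IpPermissions": [  # inbound: PostgreSQL only from members of the app tier's group
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "UserIdGroupPairs": [{"GroupId": "sg-app-PLACEHOLDER"}]},
    ],
    "IpPermissionsEgress": [],
}

# Constructed weak variant so the audit has something to catch: SSH from anywhere.
LOOSE_SG = {
    "GroupId": "sg-loose-PLACEHOLDER",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
    "IpPermissionsEgress": [],
}


def _rule_matches(rule, proto, port, peer_ip=None, peer_groups=()):
    """One IpPermissions entry matches when protocol and port fit and the peer
    is inside one of its CIDRs or carries one of its referenced groups."""
    if rule["IpProtocol"] not in ("-1", proto):
        return False
    if rule["IpProtocol"] != "-1" and not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    if peer_ip is not None:
        addr = ip_address(peer_ip)
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        # `in` is False across address families, so v4 peers never match ::/0.
        if any(addr in ip_network(c) for c in cidrs):
            return True
    return any(p["GroupId"] in peer_groups for p in rule.get("UserIdGroupPairs", []))


def inbound_allowed(sg, proto, port, src_ip=None, src_groups=()):
    """Allow-list evaluation: any matching rule permits; no match means dropped."""
    return any(_rule_matches(r, proto, port, src_ip, src_groups) for r in sg["IpPermissions"])


class StatefulInstance:
    """Remembers accepted inbound connections so their replies pass outbound
    even when no egress rule would permit them as new connections."""

    def __init__(self, sg):
        self.sg = sg
        self.connections = set()

    def accept_inbound(self, proto, port, src_ip, src_port):
        ok = inbound_allowed(self.sg, proto, port, src_ip=src_ip)
        if ok:
            self.connections.add((proto, src_ip, src_port, port))
        return ok

    def allow_outbound(self, proto, dst_ip, dst_port, src_port):
        if (proto, dst_ip, dst_port, src_port) in self.connections:
            return True  # reply to a tracked connection: egress rules not consulted
        return any(_rule_matches(r, proto, dst_port, peer_ip=dst_ip)
                   for r in self.sg["IpPermissionsEgress"])


def audit_world_reachable(sg, expected_public_ports=frozenset({80, 443})):
    """List inbound rules open to 0.0.0.0/0 or ::/0 whose port range is not
    wholly inside the ports that are meant to be public."""
    findings = []
    for rule in sg["IpPermissions"]:
        world = (any(r["CidrIp"] == "0.0.0.0/0" for r in rule.get("IpRanges", []))
                 or any(r["CidrIpv6"] == "::/0" for r in rule.get("Ipv6Ranges", [])))
        if not world:
            continue
        if rule["IpProtocol"] == "-1":
            findings.append((sg["GroupId"], "all", 0, 65535))
        elif not set(range(rule["FromPort"], rule["ToPort"] + 1)) <= expected_public_ports:
            findings.append((sg["GroupId"], rule["IpProtocol"], rule["FromPort"], rule["ToPort"]))
    return findings


if __name__ == "__main__":
    for sg in (WEB_SG, DB_SG, LOOSE_SG):
        print(sg["GroupId"], audit_world_reachable(sg))
```

Running the module prints an empty finding list for the web and database groups and flags the SSH rule in the loose group; the same audit function can be pointed at the IpPermissions lists returned by a real describe_security_groups call, since that is the shape it reads.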
Additional Information
- Security groups are not tied to a specific subnet: a group belongs to a VPC and can be attached to any instance in that VPC, whatever subnet it sits in.
- When using AWS services like RDS or Lambda, security groups can also define access controls for those services, so the same allow-list model governs network access to them as to your instances.