Security Group
- A security group is a virtual firewall which is controlling the traffic to your EC2 instances.
- When you first launch an EC2 instance, you can associate it with one or more security groups.
- A Security group is the first defence against hackers.
Let’s understand the concept of security group through an example.
- Sign in to the AWS Management console.
- Launch a new EC2 instance.
- Choose an Amazon Machine Image.
- Choose the instance type. Suppose I choose the instance, i.e., t2.micro, and then click on the Next.
- Now, configure the Instance details. Keep all the details as default, and then click on the Next.
- Attach the EBS Volume to your EC2 instance. By default, Root is the default EBS volume which is attached to your EC2 instance. Click on the Next.
- Add tags.
- Configure Security Group. Select an existing security group that you created previously, i.e., WebServer.
The above screen shows that a WebServer is a security group that consists of inbound rules such as protocol, port range, and source address.
- Click on the Review and Launch button.
From the above screen, we observe that the security group, WebServer is open to the world means that SSH port is open to the world.
- Click on the Launch button.
- Create a new key-pair. A key-pair allows you to connect to your instance securely.
- Click on the Launch Instances.
- A key-pair is generated with .pem extension. Convert the pem file into ppk file by using putygen tool.
- Open the putty.
- Enter the host name, i.e., [email protected], and save the host name in a session logging.
- Click on the SSH appearing on the right-side of the putty, move to the Auth and then attach the ppk file.
- Run the command sudo su to move to the root level and then update the EC2 instance by running the command yum update -y.
- Install the Apache server so that EC2 instance becomes a web server by running the command yum install httpd -y.
- Run the command cd /var/www/html to set the path.
- Now, create a text editor by using the command nano index.html.
- Start the Apache server by running the command service httpd start.
- After starting the server, copy the public IP address, and paste it to the browser.
- Security group consists of inbound rules, and the inbound rules are created by us only. Suppose I add three inbound rules, i.e., HTTP, SSH, and HTTPS.
- We can also delete the inbound rule. Suppose I want to delete the Http protocol, then click on the Edit button, and then click on the save button.
Deleting the HTTP protocol from the security group would not allow us to see the Http, and this change is applied to the group immediately.
Note: An inbound rule consists of a source of the traffic and port range. If we are implementing any rules in the security group, then it happens very quickly.
- We can also Edit the Outbound rule. Suppose I delete the All traffic rule, click on the Save button.
Copy and paste an IP address to the web browser and run it.
We got the same output. Therefore, we can say that it allows the traffic into an EC2 instance, and also will provide the responses without even any outbound rule set.
Note: When we add an inbound rule, then it automatically added in an outbound rule.
Move to the default security group. An Inbound rule of a default group consists of MYSQL/Aurora and RDP.
- We can add multiple groups to a single EC2 instance. Suppose I want to add a default security group to an EC2 instance. Move to the EC2 instance, click on the Actions dropdown menu. Move to the Networking, and then click on the Change Security Group.
- Now, check the default security group which you want to add to your EC2 instance.
Some important points to remember:
- All inbound traffic is blocked by Default, i.e., you need to add the traffic such as HTTP, HTTPs, etc.
- All outbound traffic is allowed automatically.
- You can have any number of EC2 instances within a security group.
- You can have multiple security groups attached to EC2 instance./li>
- Security groups are stateful, i.e., if you create an inbound rule allowing traffic in, that traffic is automatically allowed back out again.