- A Security Group is a virtual firewall.
- One instance can have multiple security groups.
- All inbound traffic is blocked by default.
- All outbound traffic is allowed by default.
- Changes to security groups take effect immediately.
- Any number of EC2 instances can be attached to a Security Group.
- EC2 instances can be attached to multiple security groups.
- Security groups are STATEFUL.
- If you create an inbound rule allowing traffic in, the response to that traffic is automatically allowed back out.
- You can NOT block specific IP addresses using security groups; to block traffic, use Network Access Control Lists (NACLs) instead.
- You can only specify allow rules but not deny rules.
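
The rules above can be seen working together in a small model, added here as an illustration; it is a simplified sketch and not AWS code or an AWS API. The class names (`Rule`, `SecurityGroup`, `Instance`), the connection-tracking set and the sample addresses are all assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    """An allow rule. There is deliberately no 'deny' variant."""
    cidr: str
    protocol: str = "any"
    port: int = 0  # 0 means any port

    def matches(self, protocol, port, ip):
        return (self.protocol in ("any", protocol)
                and self.port in (0, port)
                and ipaddress.ip_address(ip) in ipaddress.ip_network(self.cidr))

@dataclass
class SecurityGroup:
    # Defaults from the notes: no inbound rules, allow-all outbound.
    inbound: list = field(default_factory=list)
    outbound: list = field(default_factory=lambda: [Rule("0.0.0.0/0")])

class Instance:
    def __init__(self, *groups):
        self.groups = groups
        self.tracked = set()  # flows admitted inbound (the stateful part)

    def _allowed(self, direction, protocol, port, ip):
        # Rules of every attached group are pooled; one match is enough.
        return any(rule.matches(protocol, port, ip)
                   for group in self.groups
                   for rule in getattr(group, direction))

    def receive(self, protocol, local_port, remote_ip, remote_port):
        ok = self._allowed("inbound", protocol, local_port, remote_ip)
        if ok:
            self.tracked.add((protocol, local_port, remote_ip, remote_port))
        return ok

    def send(self, protocol, local_port, remote_ip, remote_port):
        # A reply on a tracked flow is allowed without consulting outbound rules.
        if (protocol, local_port, remote_ip, remote_port) in self.tracked:
            return True
        return self._allowed("outbound", protocol, remote_port, remote_ip)

# Constructed sample: two groups with outbound rules removed, on one instance.
web = SecurityGroup(inbound=[Rule("0.0.0.0/0", "tcp", 443)], outbound=[])
admin = SecurityGroup(inbound=[Rule("203.0.113.0/24", "tcp", 22)], outbound=[])
host = Instance(web, admin)
fresh = Instance(SecurityGroup())  # one group left at its defaults
```

Because a rule can only allow, admitting `203.0.113.0/24` on port 22 admits every address in that range; carving one address out of it is the job of a NACL, as noted above.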