AWS - Security Groups



  • A security group is a virtual firewall.
  • One instance can have multiple security groups.
  • All inbound traffic is blocked by default.
  • All outbound traffic is allowed by default.
  • Changes to security groups take effect immediately.
  • Any number of EC2 instances can be attached to a Security Group.
  • EC2 instances can be attached to multiple security groups.
  • Security groups are STATEFUL.
    • If an inbound rule allows traffic in, the response to that traffic is automatically allowed out, regardless of outbound rules.
  • You can NOT block specific IP addresses using security groups. To block traffic, use Network Access Control Lists (NACLs) instead.
  • You can only specify allow rules but not deny rules.
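
The points above about default-deny inbound, multiple groups per instance and allow-only rules, as an added example (not from the original page): a small Python evaluator over rules in the shape returned by `aws ec2 describe-security-groups`. The group IDs, CIDRs and function names are constructed for illustration, and only IPv4 CIDR rules for TCP/UDP are modeled.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs and CIDRs are made up for illustration.
WEB_SG = {
    "GroupId": "sg-web-example",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}
ADMIN_SG = {
    "GroupId": "sg-admin-example",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    ],
}


def rule_matches(perm, src_ip, protocol, port):
    """True if one allow rule covers this source, protocol and port."""
    if perm["IpProtocol"] not in ("-1", protocol):  # "-1" means all protocols
        return False
    if perm["IpProtocol"] != "-1":
        if not perm["FromPort"] <= port <= perm["ToPort"]:
            return False
    src = ipaddress.ip_address(src_ip)
    return any(src in ipaddress.ip_network(r["CidrIp"])
               for r in perm.get("IpRanges", []))


def inbound_allowed(groups, src_ip, protocol, port):
    """Return the GroupIds whose rules allow the packet; empty list = dropped.

    Only allow rules exist, so the rules of all attached groups are
    effectively merged: one match anywhere is enough, and no rule in any
    group can veto it. No match at all means the default (blocked) applies.
    """
    return [g["GroupId"] for g in groups
            if any(rule_matches(p, src_ip, protocol, port)
                   for p in g["IpPermissions"])]
```

Because a match in any attached group admits the packet, attaching a further group can only widen access; excluding one address inside an allowed range needs a NACL, as the list says.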

