AWS security group

A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. Security groups act at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC can be assigned to a different set of security groups.

Create a security group
*Open the Amazon VPC console at https://console.aws.amazon.com/vpc/
*In the navigation pane, choose Security Groups.
*Choose Create security group.
*Enter a name for the security group (for example, my-security-group), and then provide a description.
*For VPC, select the ID of your VPC.
*Add or remove a tag (optional):
Choose Add new tag and do the following:
*For Key, enter the key name.
*For Value, enter the key value.
To remove a tag, choose Remove to the right of the tag’s Key and Value.
*Choose Create.

ACL - create and assign
A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets.

Creating an AWS Network ACL
To create an ACL from the AWS Console, select ‘VPC > Network ACLs > Create Network ACL’. Enter a name for your ACL and select the VPC in which you want it to reside. Then select ‘Yes, Create’.

Amazon automatically generates an ACL ID; note that your new ACL is not yet associated with any subnets in your chosen VPC. To associate it with one or more subnets, select the Subnet Associations tab, and then Edit. Select the subnets you want to associate and click Save. Those subnets will then use your network ACL for all inbound and outbound traffic.

Now it’s time to create some custom rules. Until you do, there will only be a default rule that will ‘Deny’ all traffic, inbound or outbound (unlike the default network ACL of a VPC, which starts fully open). Unless you tell the ACL otherwise, it blocks everything.

To configure your ACL’s Inbound and Outbound rules, click on the appropriate tab, and then on Edit.
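Both console procedures above, expressed as Terraform for the AWS provider, as an added example that is not the article's own code; the provider is assumed to be configured, and the VPC and subnet IDs are placeholders:

```hcl
# Added example; not the article's own code. The two IDs are placeholders.
locals {
  vpc_id    = "vpc-PLACEHOLDER"
  subnet_id = "subnet-PLACEHOLDER"
}
# Security group: instance-level and stateful. Open only the port the
# instance serves; replies to allowed inbound traffic are permitted automatically.
resource "aws_security_group" "web" {
  name        = "my-security-group"
  description = "Web tier: HTTPS in from anywhere, all traffic out"
  vpc_id      = local.vpc_id
  ingress {
    description = "HTTPS"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
  tags = { Environment = "prod" } # the optional Key/Value tag from the steps
}
# Custom network ACL: subnet-level and stateless; a new one denies everything
# until rules are added. Rules are checked from the lowest rule_no upward and
# the first match wins, so replies on ephemeral ports need their own rule.
resource "aws_network_acl" "web" {
  vpc_id     = local.vpc_id
  subnet_ids = [local.subnet_id] # the Subnet Associations step
  ingress { # client -> instance on HTTPS
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 443
    to_port    = 443
  }
  egress { # instance -> client replies land on the client's ephemeral port
    rule_no    = 100
    protocol   = "tcp"
    action     = "allow"
    cidr_block = "0.0.0.0/0"
    from_port  = 1024
    to_port    = 65535
  }
}
```

Because the network ACL is stateless, connections the instance itself opens (package updates, API calls) additionally need an egress rule for the destination port and an ingress rule for the ephemeral port range, otherwise the deny-all default drops them.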
