DEV Community

Vishal Yadav

SECURITY GROUP IN AWS VPC

Security Groups

  • Security groups allow specific inbound and outbound traffic at the resource level (for example, an EC2 instance). When you launch an instance, you can associate it with one or more security groups. Each instance in your VPC can belong to a different set of security groups. If you don't specify a security group when you launch an instance, the instance is automatically associated with the default security group for its VPC.

  • You can assign a security group only to resources created in the same VPC as the security group. You can assign multiple security groups to a resource.

  • Security groups are stateful. For example, if you send a request from an instance, the response traffic for that request is allowed to reach the instance regardless of the inbound security group rules.

Security group example

  • The following diagram shows a VPC with two security groups and two subnets. The instances in subnet A have the same connectivity requirements, so they are associated with security group 1. The instances in subnet B have the same connectivity requirements, so they are associated with security group 2. The security group rules allow traffic as follows:

  • The first inbound rule in security group 1 allows SSH traffic to the instances in subnet A from the specified address range (for example, a range in your own network).

  • The second inbound rule in security group 1 allows the instances in subnet A to communicate with each other using any protocol and port.

  • The first inbound rule in security group 2 allows the instances in subnet B to communicate with each other using any protocol and port.

  • The second inbound rule in security group 2 allows the instances in subnet A to communicate with the instances in subnet B using SSH.

  • Both security groups use the default outbound rule, which allows all traffic.
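
The rules listed above and the stateful behaviour described earlier can be modelled in a few lines. This is an added example, not code from the original post or from AWS: it is a simplified model, the group IDs, CIDR range and instance addresses are constructed, and it assumes the "communicate with each other" rules use the group's own ID as their source.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    protocol: str          # "tcp", or "-1" for every protocol
    port: Optional[int]    # None means every port
    source: str            # a CIDR block or a security group ID

@dataclass(frozen=True)
class Instance:
    ip: str
    groups: frozenset

# Constructed inbound rules mirroring the example above (IDs and CIDR are made up).
INBOUND = {
    "sg-1": [Rule("tcp", 22, "203.0.113.0/24"),   # SSH from the specified range
             Rule("-1", None, "sg-1")],            # sg-1 members to each other
    "sg-2": [Rule("-1", None, "sg-2"),            # sg-2 members to each other
             Rule("tcp", 22, "sg-1")],             # SSH from sg-1 members
}

def rule_matches(rule, src_ip, src_groups, protocol, port):
    if rule.protocol not in ("-1", protocol):
        return False
    if rule.port is not None and rule.port != port:
        return False
    if rule.source.startswith("sg-"):              # group reference, not an address
        return rule.source in src_groups
    return ipaddress.ip_address(src_ip) in ipaddress.ip_network(rule.source)

def inbound_allowed(dst, src_ip, protocol, port, src_groups=frozenset()):
    """True if any rule in any group attached to dst permits the traffic."""
    return any(rule_matches(r, src_ip, src_groups, protocol, port)
               for g in dst.groups for r in INBOUND[g])

class FlowTable:
    """Models statefulness: replies to tracked outbound flows skip inbound rules."""
    def __init__(self):
        self.flows = set()

    def send(self, src, remote_ip, protocol, remote_port):
        # Default outbound rule allows all traffic, so just record the flow.
        self.flows.add((src.ip, remote_ip, protocol, remote_port))

    def reply_allowed(self, dst, remote_ip, protocol, remote_port):
        return (dst.ip, remote_ip, protocol, remote_port) in self.flows

a1 = Instance("10.0.1.10", frozenset({"sg-1"}))    # subnet A
b1 = Instance("10.0.2.10", frozenset({"sg-2"}))    # subnet B
```

Calling inbound_allowed(b1, a1.ip, "tcp", 22, a1.groups) succeeds while the reverse direction does not, because security group 1 has no rule that names security group 2 as a source.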
