Nowadays many developers use Amazon Web Services to deploy their applications, but one issue they always face is how to configure the security group in AWS. It acts as a firewall to the cloud. You can be at great risk if you don't understand the concept and use of the security group. In this how-to tutorial you will learn the following things.
What is the Security Group?
Access to the ports
Allowing Access to the IP ranges
Control of the Inbound and outbound Network
What is the Security Group?
In AWS, a security group acts as a firewall for the instance you have created. It holds the rules or policies that allow or disallow connections to the instance. In fact, it regulates both the inbound traffic to and the outbound traffic from your instance. Usually the outbound traffic is open to all, but the inbound traffic is closed. This is done to avoid major attacks on your instance that could crash it and erase all the data in that instance. To allow inbound traffic you have to create rules (inbound rules) for access to the instance. The security group regulates the following things for better security.
Access to the ports
Until you define which specific port is authorized to access the instance, the security group doesn't allow inbound traffic.
For example, suppose your IP is allowed on port 23 for accessing the instance. Then any traffic that comes from that IP on port 23 will be allowed, but traffic on other ports will not be allowed. To do this you have to change the inbound rules in the security group of the instance. Go to Security Groups and create a group or edit an existing one. There you can add a new rule.
Allow Access to the IP ranges.
You can also add IP ranges to the security group to allow access to the instance. When you edit the security group, you add your IP as the source. For example, if I want to give access to my single IP 123.xxx.xxx.xxx only, I add /32 after the IP address, like this: 123.xxx.xxx.xxx/32. For IP ranges, you have to put other numbers. Like you want to give access to 10 IP addresses only, then add 123.xxx.xxx.xxx/30. The number after the / represents the number of 1 bits in the mask for the given IP address.
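Added example, not part of the original tutorial: the Python sketch below takes inbound rules in the shape the EC2 DescribeSecurityGroups API returns (IpPermissions), reports how many addresses each source CIDR covers, and flags world-open sources on ports outside an assumed public set. The sample rules, the PUBLIC_PORTS set and the function name review_inbound are constructed for illustration.

```python
import ipaddress

# Constructed sample in the shape of the IpPermissions list that the EC2
# DescribeSecurityGroups API returns for a group's inbound rules (IPv4 only).
SAMPLE_INBOUND = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}]},       # single address
    {"IpProtocol": "tcp", "FromPort": 23, "ToPort": 23,
     "IpRanges": [{"CidrIp": "203.0.113.8/30"}]},       # small block
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},            # public web
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "198.51.100.0/24"}, {"CidrIp": "0.0.0.0/0"}]},
]

# Assumption for this example: only these ports are meant to be public.
PUBLIC_PORTS = {80, 443}


def review_inbound(permissions, public_ports=PUBLIC_PORTS):
    """Return one finding dict per (rule, source CIDR) pair."""
    findings = []
    for perm in permissions:
        lo = perm.get("FromPort", 0)
        hi = perm.get("ToPort", 65535)
        # Protocol "-1" means all protocols and carries no port fields.
        if perm["IpProtocol"] == "-1":
            lo, hi = 0, 65535
        for rng in perm.get("IpRanges", []):
            # strict=False accepts host bits set, e.g. 203.0.113.9/30.
            net = ipaddress.ip_network(rng["CidrIp"], strict=False)
            world = net.prefixlen == 0
            # Flag world-open sources that reach any non-public port.
            exposed = world and not set(range(lo, hi + 1)) <= public_ports
            findings.append({
                "ports": str(lo) if lo == hi else f"{lo}-{hi}",
                "cidr": str(net),
                "addresses": net.num_addresses,  # 2 ** (32 - prefix length)
                "flag": "WORLD-OPEN" if exposed else "ok",
            })
    return findings


if __name__ == "__main__":
    for f in review_inbound(SAMPLE_INBOUND):
        print(f"{f['flag']:<10} port {f['ports']:<8} {f['cidr']:<18} "
              f"{f['addresses']} address(es)")
```

The same function can be fed the IpPermissions list of a real group once it has been exported as JSON; IPv6 sources sit in a separate Ipv6Ranges list and are not covered here.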
Control the Inbound Network
Security groups allow you to control access from other networks to the instance; they decide which connections are allowed and which are not. There are many rule types you can add here, such as Custom TCP Rule, SSH, HTTP, etc. Each serves a different purpose.
Control the Outbound Network
Access from the instance to other networks can be controlled by creating rules for the outbound network. Just as you control the inbound network, you can control the outbound network using the same rule types, such as Custom TCP, HTTP, HTTPS, etc. By default the outbound network is open to all and for those who have access to the inbound network.
Inbound and outbound rules affect the instance and act as its firewall, so please add rules carefully. If you want to allow access to a particular IP address or from inside an organization, use IP address ranges; if you want to allow a particular IP on a given port, add a rule for that port.