In AWS, a Security Group acts as a virtual firewall for your instances to control inbound and outbound traffic. It defines rules that specify the allowed protocols, ports, and IP ranges for incoming and outgoing traffic. Here's a breakdown:
Key Features:
- Stateful: If you allow incoming traffic to a port (e.g., SSH on port 22), the response traffic is automatically allowed, even if no explicit outbound rule exists.
- Inbound Rules: These determine what traffic is allowed to enter the instances associated with the security group.
- Outbound Rules: These specify what traffic is allowed to leave the instances.
- Instance Level: Security groups are applied at the instance level. An instance can have multiple security groups, and a single group can be associated with multiple instances.
- Default Behavior: By default, all inbound traffic is denied, and all outbound traffic is allowed.
Example Use Case:
For a web server, you might have an inbound rule allowing HTTP (port 80) and HTTPS (port 443) traffic from anywhere, and an SSH (port 22) rule to allow access only from specific IP addresses.
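The web-server rule set above is exactly the kind of thing worth checking automatically. As an added example (not part of the original article), the Python below audits a constructed security group, shaped like one entry of the EC2 DescribeSecurityGroups response, and flags any inbound rule that opens a port other than 80 or 443 to every source address; the group id, CIDRs and port sets are constructed assumptions.

```python
import ipaddress

# Constructed sample in the shape of EC2 DescribeSecurityGroups output
# (SecurityGroups[].IpPermissions). Not data from a real account.
WEB_SG = {
    "GroupId": "sg-0example",
    "GroupName": "web-server",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        # SSH: the intended admin range plus a misconfigured world-open range
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}, {"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": []},
        # All traffic from the VPC range; "-1" rules carry no FromPort/ToPort
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []},
    ],
}

PUBLIC_OK_PORTS = {80, 443}  # services this web server intends to expose to the Internet

def is_world_open(cidr: str) -> bool:
    """True for 0.0.0.0/0 or ::/0, i.e. a source range that admits any address."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def rule_ports(perm: dict) -> set:
    """Set of ports one IpPermissions entry covers; IpProtocol -1 means all protocols/ports."""
    if perm["IpProtocol"] == "-1":
        return {"ALL"}
    return set(range(perm["FromPort"], perm["ToPort"] + 1))

def find_overexposed_rules(sg: dict) -> list:
    """Return (ports, cidr) pairs for inbound rules open to any source on non-public ports."""
    findings = []
    for perm in sg["IpPermissions"]:
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])] + \
                [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        exposed = rule_ports(perm) - PUBLIC_OK_PORTS  # anything beyond the intended public services
        for cidr in cidrs:
            if exposed and is_world_open(cidr):
                findings.append((sorted(exposed, key=str), cidr))
    return findings

if __name__ == "__main__":
    for ports, cidr in find_overexposed_rules(WEB_SG):
        print(f"{WEB_SG['GroupId']}: ports {ports} open to {cidr}")
```

Run against real output, feed each element of `aws ec2 describe-security-groups` into `find_overexposed_rules`; the constructed sample reports only the SSH rule, since 80/443 to the world is intended and the all-traffic rule is limited to the VPC range.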
Comparison with Network ACLs:
Security Groups are stateful, meaning that you don't need to create both inbound and outbound rules for connections.
Network Access Control Lists (NACLs) are stateless, so both inbound and outbound rules must be explicitly configured.