If you are moving to the cloud and starting to use the Amazon Web Services environment to run your instances, you need to secure them. The first thing to realise about the AWS firewall is that its central element is the security group. A security group is essentially what other firewall vendors call a policy. Security groups act as a firewall for the Amazon EC2 instances they are associated with, controlling both inbound and outbound traffic at the instance level.
- One instance can have multiple Security Groups (SG)
- We can have any number of EC2 instances within a Security Group
- Changes to an SG take effect immediately
- They are stateful in nature: if incoming traffic is allowed, the reply traffic is allowed out automatically; you do not need to specify an outbound rule for that traffic explicitly.
How Does The Inbound & Outbound Rule Work?
Inbound rules: when an organization or individual creates a security group, it has no inbound rules. Hence no inbound traffic originating from another host to your instance is permitted until you add inbound rules to the security group.
Outbound rules: a new security group includes an outbound rule that allows all traffic out.
AWS firewall rules only ever allow; they cannot deny. All rules are positive rules: each one allows the traffic you specify.
The second thing is that there is no destination. A rule has a source, where the traffic is allowed to come from, but no destination, because in AWS security groups the destination is always you: the instance the security group is applied to. So you can write a single security group, apply it to multiple instances, and the security group adapts itself and allows the traffic to the IP address of whichever instance it is applied to, which is convenient.
You can also apply the same security group to multiple instances, much as you can apply the same policy on a traditional firewall to multiple firewalls. This is more or less what we are used to.
However, the Amazon environment also does something we are less used to: you can apply multiple security groups to a single instance. It is a many-to-many relationship, where multiple security groups can be associated with multiple instances, and an instance is governed by all of the security groups associated with it.
What Do You Need to Know About Security Groups?
Security groups are locked down to a region/VPC combination. If you switch to another region you have to create a new security group, and if you create another VPC (we will see what VPCs are in later lectures) you have to recreate the security groups there as well.
Security groups live outside EC2, so if traffic is blocked the EC2 instance won't even see it. This is not an application running on EC2; it is really a firewall outside your EC2 instance.
It is good to maintain one separate security group just for SSH access. SSH access is usually the most complicated thing to get right, and you really want to make sure that one is done correctly, so a separate security group for SSH access is advisable.
If your application is not accessible, it is most likely a security group issue. If you try to connect to a port and your computer just hangs and waits, it is probably a security group issue.
If instead you receive a "connection refused" error, the security group actually worked: the traffic went through, and the application either had an error or was not launched. That is what a connection refused error tells you.
By default, all inbound is blocked and all outbound traffic is authorized.
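As an added illustration (not code from this page or from AWS), the following Python model captures the evaluation behaviour described above: allow-only rules, no destination, the union of every group attached to an instance, and stateful return traffic. The group names, CIDRs and helper functions are constructed for the example.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    # One allow rule: only a source (inbound) or destination (outbound) CIDR;
    # the other end of the flow is always the instance itself.
    protocol: str      # "tcp", "udp", "icmp" or "-1" for all protocols
    from_port: int     # port range; ignored when protocol is "-1"
    to_port: int
    cidr: str

    def matches(self, protocol: str, port: int, ip: str) -> bool:
        if self.protocol not in ("-1", protocol):
            return False
        if self.protocol != "-1" and not (self.from_port <= port <= self.to_port):
            return False
        return ip_address(ip) in ip_network(self.cidr)


@dataclass
class SecurityGroup:
    name: str
    inbound: list = field(default_factory=list)   # new group: no inbound rules at all
    outbound: list = field(                       # new group: allow all outbound
        default_factory=lambda: [Rule("-1", 0, 65535, "0.0.0.0/0")])


def inbound_allowed(groups, protocol, port, src_ip) -> bool:
    """Union of every attached group; one matching allow rule is enough, nothing denies."""
    return any(r.matches(protocol, port, src_ip) for g in groups for r in g.inbound)


def admit_inbound(groups, established, protocol, port, src_ip) -> bool:
    """Evaluate inbound traffic and remember admitted flows for the stateful check."""
    ok = inbound_allowed(groups, protocol, port, src_ip)
    if ok:
        established.add((protocol, port, src_ip))
    return ok


def outbound_allowed(groups, established, protocol, port, dst_ip) -> bool:
    """Stateful: a reply to an admitted inbound flow leaves without any outbound rule."""
    if (protocol, port, dst_ip) in established:
        return True
    return any(r.matches(protocol, port, dst_ip) for g in groups for r in g.outbound)


# Constructed sample: a web group plus a separate admin-only SSH group on one instance.
web_sg = SecurityGroup("web", inbound=[Rule("tcp", 443, 443, "0.0.0.0/0")])
ssh_sg = SecurityGroup("ssh-admin", inbound=[Rule("tcp", 22, 22, "203.0.113.0/24")],
                       outbound=[])  # locked down: nothing originates from here
instance_groups = [web_sg, ssh_sg]
```

A client outside 203.0.113.0/24 connecting to port 22 gets no match and simply hangs, which is the security-group symptom described above; a refused connection means the packet already passed the group.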
Benefits of Amazon Security Service
The AWS security service lets users safeguard their data, monitor security activity, and act on responses. This gives cloud users the confidence to do business in the cloud, which helps them pay less for services.
As we all know, among the well-known AWS services EC2 is the best in the business for secure and flexible compute capacity. With EC2, users can design and deploy applications with minimal hardware limitations.
Amazon Elastic Compute Cloud (EC2) lets users run virtual machines as virtual private servers to host their applications. Compared with physical servers, these virtual private servers are more cost-effective and boot in a short time, instead of having to buy, configure and install hardware.
Thus Amazon Web Services (AWS) security provides a lot of benefits for organizations and individuals who are deep into the computing world.