
Lock down your VPC with AWS security groups

by Kieran, June 16, 2015

It’s important to keep your online empire secure. In AWS, we do that with security groups.

Within your VPC you can have, by default, up to 100 security groups. Each group can have up to 50 rules. By default, we are allowed to launch 5 VPCs – we need to request to increase the limit if we need

Instances associated with a security group cannot communicate with each other unless ports are opened to those instances. The exception is the default security group, whose instances can communicate with one another.

VPC security groups can be changed after an instance is launched – this was not possible in EC2-Classic.

Follow the steps below to get familiar with VPC security groups:

  1. Open the EC2 console

  2. Launch 2 instances

  3. Go to the VPC menu item

    1. Click on the security groups link

    2. By default, all outbound ports are open and all incoming ports are denied

    3. Instances in the default VPC can communicate with one another because of the way the default security group is configured

    4. Click on the “inbound rules” tab of a security group

      1. Type = all traffic

      2. Protocol = all

      3. Port range = all

      4. Source = security group ID

    5. If you SSH to the new server, you can run curl against server 2's IP address – this should (if configured correctly) return some details about server 2

You can enable this connection by allowing one of the following as the rule's source:

  • Connection from a specific subnet

  • Connection from a specific IP

  • Connection from a specific security group
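The sketch below is an added example, not code from the original article: it evaluates inbound traffic against rules written in the shape boto3's describe_security_groups returns under "IpPermissions", covering the self-referencing default rule from the steps above and the three source types just listed. The group IDs, addresses and the inbound_allowed helper are constructed for illustration, and only TCP/UDP port matching is modelled.

```python
import ipaddress

# Constructed sample data; every ID and address here is made up.
DEFAULT_SG = "sg-11111111"  # hypothetical default security group
WEB_SG = "sg-22222222"      # hypothetical second security group

# The default group's inbound rule: all traffic, all protocols, all ports,
# source = the group's own ID. Protocol "-1" carries no port range.
DEFAULT_RULES = [
    {"IpProtocol": "-1", "IpRanges": [],
     "UserIdGroupPairs": [{"GroupId": DEFAULT_SG}]},
]
WEB_RULES = [
    # Source = a specific subnet
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "10.0.1.0/24"}], "UserIdGroupPairs": []},
    # Source = a specific IP (a /32)
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "UserIdGroupPairs": []},
]


def inbound_allowed(rules, protocol, port, src_ip, src_groups=()):
    """Return True if any inbound rule admits the traffic (TCP/UDP only)."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        if rule["IpProtocol"] not in ("-1", protocol):
            continue
        # Only check the port range when the rule is protocol-specific.
        if rule["IpProtocol"] != "-1":
            if not rule["FromPort"] <= port <= rule["ToPort"]:
                continue
        by_cidr = any(addr in ipaddress.ip_network(r["CidrIp"])
                      for r in rule.get("IpRanges", []))
        by_group = any(p["GroupId"] in src_groups
                       for p in rule.get("UserIdGroupPairs", []))
        if by_cidr or by_group:
            return True
    return False  # no rule matched: incoming traffic is denied by default
```

Passing the sender's group membership in src_groups is what makes the self-referencing rule match: a peer in the default group is admitted on any port, while the same address arriving from another group is not.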


This article was brought to you by Netshock. Netshock aim to provide technology guides and insight to our readers

About The Author
Kieran

My name is Kieran, I love to see how technology can drive business growth. I started the Netshock technology blog as a place to share my thoughts and experiences with a wider audience. I cover all sorts of topics, from marketing to development.