Explain the use of Security Group in AWS
Definition:
- A security group acts as a virtual firewall for your instance, controlling its inbound and outbound traffic.
- If you don't specify a security group when launching an instance with the Amazon EC2 API or a command line tool, the instance is automatically assigned to the VPC's default security group.
- When you use the Amazon EC2 console to launch an instance, you have the option of creating a new security group for the instance.
Basics of a security group
For your VPC, the following are the basic characteristics of security groups:
You can define allow rules, but not deny rules.
Inbound and outbound traffic each have their own separate set of rules.
Security group rules let you filter traffic based on protocols and port numbers.
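An added illustration of the three characteristics above (not part of the original diagram and not AWS code): a small Python model in which traffic passes only when an allow rule for that direction matches its protocol, port and peer address. The names Rule, SecurityGroup and is_allowed and the sample groups are hypothetical; the model covers only the rule lookup and combines the rules of every group attached to the instance.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp", "udp", or "-1" for all protocols and ports
    from_port: int
    to_port: int
    cidr: str       # peer address range the rule applies to

@dataclass
class SecurityGroup:
    name: str
    inbound: list = field(default_factory=list)
    outbound: list = field(default_factory=list)

def rule_matches(rule, protocol, port, peer_ip):
    """True if one allow rule covers this protocol, port and peer address."""
    if rule.protocol != "-1":
        if rule.protocol != protocol or not rule.from_port <= port <= rule.to_port:
            return False
    return ipaddress.ip_address(peer_ip) in ipaddress.ip_network(rule.cidr)

def is_allowed(groups, direction, protocol, port, peer_ip):
    """Traffic passes only if some allow rule in the chosen direction matches.
    There is no deny rule type: anything unmatched is simply not allowed."""
    for group in groups:
        rules = group.inbound if direction == "inbound" else group.outbound
        if any(rule_matches(r, protocol, port, peer_ip) for r in rules):
            return True
    return False

# Constructed sample groups (documentation address ranges, not real hosts).
WEB = SecurityGroup(
    name="web",
    inbound=[Rule("tcp", 443, 443, "0.0.0.0/0")],
    outbound=[Rule("tcp", 443, 443, "0.0.0.0/0")],
)
ADMIN = SecurityGroup(name="admin", inbound=[Rule("tcp", 22, 22, "203.0.113.0/24")])

if __name__ == "__main__":
    for args in [("inbound", "tcp", 443, "198.51.100.7"),
                 ("inbound", "tcp", 22, "198.51.100.7"),
                 ("inbound", "tcp", 22, "203.0.113.10"),
                 ("outbound", "tcp", 22, "203.0.113.10")]:
        print(args, is_allowed([WEB, ADMIN], *args))
```

Because the inbound and outbound lists are independent, the SSH allow rule in the admin group does nothing for outbound port 22, which stays blocked until an outbound rule is added.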
Working with security groups
Modifying the default security group
Your VPC includes a default security group.
Creating a security group
While you can use the default security group for your instances, you may want to create your own groups to reflect the different roles that instances play in your system.
Adding, removing, and updating rules
When you add or remove a rule, any instances already assigned to the security group are affected by the change.
Changing an instance's security groups
You may modify the security groups associated with an instance after it has been launched into a VPC.
Deleting a security group
A security group can be deleted only if no instances (either running or stopped) are assigned to it.
Deleting the 2009-07-15-default security group
The 2009-07-15-default security group is present in any VPC created with an API version prior to 2011-01-01.
Differences between security groups for EC2-Classic and EC2-VPC
You can't use the security groups you created for EC2-Classic instances with instances in your VPC.
Security groups must be created specifically for use with instances in your VPC.
A security group for EC2-Classic cannot be referenced in rules created for use with a VPC security group.