You can create a security group in Amazon EC2 using the AWS Management Console, AWS Command Line Interface (CLI), or an SDK like Boto3 (for Python). Below, I'll outline how to create a security group using the AWS Management Console:
Using the AWS Management Console:
1. Sign in to the AWS Management Console:
Log in to your AWS account using your credentials. 2. Navigate to the EC2 Dashboard:
In the AWS Management Console, navigate to the EC2 dashboard by selecting "Services" and then choosing "EC2" under the "Compute" section.
3. Access the Security Groups Page:
In the EC2 dashboard, locate the "Network & Security" section in the left sidebar and click on "Security Groups."
4. Create a New Security Group:
On the Security Groups page, click the "Create Security Group" button.
5. Configure the Security Group:
Fill out the details for your security group:
Name: Provide a descriptive name for your security group.
Description: Optionally, add a description for the security group.
VPC: Select the Virtual Private Cloud (VPC) where you want to create the security group.
6. Add Inbound and Outbound Rules: Define the inbound and outbound rules to control the traffic to and from your instances. You can add rules for specific ports, IP addresses, and protocols.
- For inbound rules, click the "Add Rule" button under the "Inbound rules" section.
- For outbound rules, click the "Add Rule" button under the "Outbound rules" section.
Example of an inbound rule for allowing SSH (port 22) access:
- Type: SSH (22)
- Protocol: TCP
- Source: Specify the IP range or specific IP addresses allowed to access (e.g., 0.0.0.0/0 for any IP).
7. Review and Create:
Review the configuration settings to ensure they are correct. After reviewing, click the "Create security group" button.
Confirm the security group's creation. Using AWS CLI
[root@siddhesh ~]# aws ec2 describe-security-groups
{
"SecurityGroups": [
{ "Description": "launch-wizard-1 created 2023-10-21T10:51:12.057Z",
"GroupName": "launch-wizard-1",
"IpPermissions": [
{
"FromPort": 22,
"IpProtocol": "tcp",
"IpRanges": [
{
"CidrIp": "0.0.0.0/0"
}
],
"Ipv6Ranges": [],
"PrefixListIds": [],
"ToPort": 22,
"UserIdGroupPairs": []
}
]
}
[root@siddhesh ~]#
Commenti