top of page

How to set up an EC2 security group

You can create a security group in Amazon EC2 using the AWS Management Console, AWS Command Line Interface (CLI), or an SDK like Boto3 (for Python). Below, I'll outline how to create a security group using the AWS Management Console:


Using the AWS Management Console:


1. Sign in to the AWS Management Console:

Log in to your AWS account using your credentials. 2. Navigate to the EC2 Dashboard:


In the AWS Management Console, navigate to the EC2 dashboard by selecting "Services" and then choosing "EC2" under the "Compute" section.


3. Access the Security Groups Page:


In the EC2 dashboard, locate the "Network & Security" section in the left sidebar and click on "Security Groups."


4. Create a New Security Group:


On the Security Groups page, click the "Create Security Group" button.


5. Configure the Security Group:

Fill out the details for your security group:


Name: Provide a descriptive name for your security group.

Description: Optionally, add a description for the security group.

VPC: Select the Virtual Private Cloud (VPC) where you want to create the security group.


6. Add Inbound and Outbound Rules: Define the inbound and outbound rules to control the traffic to and from your instances. You can add rules for specific ports, IP addresses, and protocols.


- For inbound rules, click the "Add Rule" button under the "Inbound rules" section.

- For outbound rules, click the "Add Rule" button under the "Outbound rules" section.

Example of an inbound rule for allowing SSH (port 22) access:

- Type: SSH (22)

- Protocol: TCP

- Source: Specify the IP range or specific IP addresses allowed to access (e.g., 0.0.0.0/0 for any IP).


security group


7. Review and Create:

Review the configuration settings to ensure they are correct. After reviewing, click the "Create security group" button.

Confirm the security group's creation. Using AWS CLI

[root@siddhesh ~]# aws ec2 describe-security-groups
{
     "SecurityGroups": [
         { "Description": "launch-wizard-1 created 2023-10-21T10:51:12.057Z",
             "GroupName": "launch-wizard-1",
             "IpPermissions": [
                 {
                     "FromPort": 22,
                     "IpProtocol": "tcp",
                     "IpRanges": [
                         {
                             "CidrIp": "0.0.0.0/0"
                         }
                     ],
                     "Ipv6Ranges": [],
                     "PrefixListIds": [],
                     "ToPort": 22,
                     "UserIdGroupPairs": []
                 }
             ]
}
[root@siddhesh ~]# 




bottom of page