9. What is the Security Group in AWS?

What?

A security group acts as a basic virtual firewall for your instances. It helps manage the traffic to your instances (EC2).

You can only set ‘allow’ rules for inbound (incoming) and outbound (outgoing) traffic. There are no DENY rules.

Security groups are stateful. What does that mean?

By default, no inbound (incoming) or outbound (outgoing) traffic to your instances is enabled. To let your instances communicate with the outside world, you have to use security groups.

If you have set an inbound rule for HTTP on port 80, then the outgoing traffic for that request will also be allowed. This means anyone can reach your port 80 over HTTP, and the outgoing traffic is allowed without setting a separate rule for it.

Why?

Security groups are essential for security. They help control or set the traffic rules for an instance.

Components

  • Type: the type of traffic we expect, e.g. HTTP, SSH, HTTPS.
  • Protocol: determined by AWS based on the ‘Type’ value.
  • Port Range: determined by AWS based on the ‘Type’ value. You can also edit it. E.g., for the web it is always port 80, for SSH it would be 22, and for RDS it would be 3306.
  • Source: where the traffic is allowed to come from, given as an IP address range. For anywhere it is 0.0.0.0/0 (allow all); we can also set custom IP address(es).
  • Description: custom description

Is it chargeable? No

Is it a global or regional service? Regional

Can we use the same security group with multiple instances? Yes

Can an instance have multiple security groups? Yes
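
As an added example (not from the original post), the Python check below walks inbound rules made of the components listed above and flags any that leave the SSH or RDS ports named in the post open to anywhere (0.0.0.0/0, or ::/0 for IPv6). The rule dictionaries follow the `IpPermissions` shape returned by the EC2 `describe-security-groups` call; the sample rules, the function names, and the choice of which ports count as sensitive are assumptions made for illustration.

```python
import ipaddress

# Assumption: ports treated as sensitive, taken from the post's SSH and RDS examples.
SENSITIVE_PORTS = {22: "SSH", 3306: "RDS/MySQL"}


def is_anywhere(cidr):
    """True when the Source covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def audit_rules(ip_permissions):
    """Return (label, port, cidr) for inbound rules exposing a sensitive port to anywhere."""
    findings = []
    for rule in ip_permissions:
        proto = rule.get("IpProtocol")
        if proto == "-1":            # "All traffic": no port fields, every port is covered
            lo, hi = 0, 65535
        elif proto == "tcp":
            lo, hi = rule["FromPort"], rule["ToPort"]
        else:
            continue                 # udp/icmp rules do not expose these TCP services
        sources = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in sources:
            if not is_anywhere(cidr):
                continue
            for port, label in SENSITIVE_PORTS.items():
                if lo <= port <= hi:   # a wide port range can hide a sensitive port
                    findings.append((label, port, cidr))
    return findings


# Constructed sample rules (not taken from a real account).
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "public web"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "ssh"}]},
    {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
     "IpRanges": [{"CidrIp": "203.0.113.10/32", "Description": "office"}]},
    {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]

if __name__ == "__main__":
    for label, port, cidr in audit_rules(SAMPLE_RULES):
        print(f"{label} (tcp/{port}) is open to {cidr}")
```

The public web rule on port 80 is not reported, while the SSH rule and the 3000-4000 range (which covers 3306) are.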

How to create a security group?

Happy Learning!!
