Using Security Groups

awsWhen creating AWS instances, you are required to associate the instance with a security group.  This article describes the process of enabling access for a web server, but the principles contained could also apply to other server applications.

Visit the Amazon Web Service site to review AWS and to learn more.


Create a new Security Group

The default security group is a little to open for our purposes.  We will therefore create a new Security Group, to provide the minimum level of access, with the optimum level of security.

  1. Browse to https://console.aws.amazon.com/ec2/home
  2. Go to Services > EC2.
  3. Select Security Groups from the navigation pane on the left.
  4. Click Create Security Group.
  5. Enter a Name and Description (eg. WebServers, A security group for web servers).
  6. Click Yes, Create.

 

Configurations

You will now need to configure some ports for your newly created Security Group.

  1. Select your Security Group in the main page.
  2. In the lower pane, select the Inbound tab.
  3. For Create a new rule, select HTTP from the drop-down.
  4. Leave Source as 0.0.0.0/0 (this is the address for everyone).
  5. Click Add Rule.
  6. For Create a new rule, select SSH from the drop-down.
  7. Leave Source as 0.0.0.0/0 (this is the address for everyone).
  8. Click Add Rule.
  9. Click Apply Rule Changes.

 

SSH Access Options

It is good practice to only leave SSH access available for the time that you need it.  You should remove the SSH rule from the security group when it is not required.

Additionally you might want to configure SSH access only for the machine that you are working on.  If you want to try this option, you'll need your external IP address (if you are working from home, you should be able to access this from your internet router configuration).  I found that a netmask of /32 worked for my home account.

 

Thanks for visiting.