Segurity groups Link to heading

A virtual firewall.

Basics Link to heading

• Controls inbound and outbound traffic
• Inbound is blocked by default
• Outbound is allowed by default
• EC2: mutliple SGs can be assigned
• SGs are STATEFUL (ACLs are stateless)

Best practices Link to heading

• Don’t block specific ip address with SGs instead use NACLs