Create EC2 Security Group

Creating a Security Group for EC2 Instances

ℹ️ Information: Security groups act as virtual firewalls for your Amazon EC2 instances to control inbound and outbound traffic. For our RDS deployment, we need to create a security group for EC2 instances that will connect to our database.

Follow these steps to create a security group with the necessary ports:

  1. Navigate to the AWS Management Console and sign in to your account.

  2. In the AWS Management Console, search for and select EC2 under services.

  3. In the EC2 navigation pane, under Network & Security, select Security Groups.

  4. Click the Create security group button.

Create a Security Group

  1. In the Basic details section:
    • Enter a descriptive Security group name (e.g., “EC2-Web-App-SG”)
    • Provide a meaningful Description (e.g., “Security group for EC2 instances connecting to RDS”)
    • Select your VPC from the dropdown menu

Configure Security Group Details

  1. In the Inbound rules section, click Add rule to configure the following access:

    • HTTP (80): Select “HTTP” from the Type dropdown (automatically sets port 80)
    • HTTPS (443): Select “HTTPS” from the Type dropdown (automatically sets port 443)
    • Custom TCP (5000): Select “Custom TCP” and enter “5000” in the Port range field
    • SSH (22): Select “SSH” from the Type dropdown (automatically sets port 22)

    🔒 Security Note: For production environments, restrict the source IP addresses for SSH access to only trusted IP ranges rather than allowing access from anywhere (0.0.0.0/0).

Configure Inbound Rules

  1. Review your settings and click Create security group.

Create the Security Group

  1. Once created, the new security group appears in your security groups list. Note the Security Group ID as you’ll need it when launching EC2 instances.

Security Group Created

💡 Pro Tip: You can modify security group rules at any time, and the changes take effect immediately. This allows you to adjust access controls as your application requirements evolve.

⚠️ Warning: Security groups are stateful — if you allow inbound traffic on a specific port, the corresponding outbound response traffic is automatically allowed, regardless of outbound rules.