Security Groups in AWS

from aws, "a security group acts as a virtual firewall for your ec2 instances to control incoming and outgoing traffic " as virtucrypt processes secure information, it is recommended that you create a new security group to be assigned to the vap to create a new security group navigate to the network & security section in the left menu of the aws console and select security groups select \[ create security group ] fill in the requested fields the dropdown for vpc will list your organization's internal vpcs the vpc selected will be used to connect to the virtucrypt access point (vap) add an "inbound rule" to the security group by selecting \[ add rule ] security groups allow you to enforce rules with a high degree of granularity proceed with either option a or b, depending on your organization's security requirements option a referencing the example below, create an inbound rule, selecting "all traffic" from the type dropdown the protocol and port range will default to all the custom ip will be your organization's vpc subnets (recommendation is a minimum of three), as created earlier in the guide option b is more granular, and therefore, more secure, as it also includes custom port ranges provided by futurex referencing the example below, create an inbound rule, selecting "custom tcp" from the type dropdown the protocol defaults to tcp the port range is created by futurex and will be shared via email by your futurex representative as before, the custom ip will be your organization's vpc subnets, created earlier in the guide the difference being that you need to create separate rules for each subnet the "outbound rules" will default to allow all traffic you may elect to customize or adjust the outbound rule per your organizational policies (optional) add tags to the security group select \[ create security group ] return to the vpc service and navigate to the endpoints menu select your newly created endpoint so that it is highlighted in blue select the security groups tab, then select \[ edit security groups ] you can add to or replace the security group associated with the endpoint from the search bar multiple security groups can be associated with a single endpoint once you've finished making changes to the security group(s), select \[ save ]