Security groups in AWS

in aws, a security group acts as a virtual firewall for your ec2 instances to control incoming and outgoing traffic as {{vc}} processes secure information, we recommend creating a new security group to assign to the vap to create a new security group, perform the following steps go to the network & security section in the left side menu of the aws console and select security groups select \[ create security group ] fill in the requested fields the drop down list for vpc displays your organization's internal vpcs the vpc you select connects to the vap add an inbound rule to the security group by selecting \[ add rule ] security groups allow you to enforce rules with a high degree of granularity proceed with one of the following options, depending on your organization's security requirements option a referencing the following example, create an inbound rule select all traffic from the type drop down list the protocol and port range default to all the custom ip is vpc subnets for your organization (we recommend a minimum of three), as created earlier in the guide create a security group option a option b this choice is more granular, and therefore, more secure, because it also includes custom port ranges that {{futurex}} provides referencing the following example, create an inbound rule select custom tcp from the type drop down list the protocol defaults to tcp {{futurex}} creates the port range, and your {{futurex}} representative share it in an email the custom ip address is one of the vpc subnets for your organization, created earlier in the guide the difference from option a is that you must create separate rules for each subnet instead of including all thrree subnets in one rule creating a security group option b the outbound rules l default to allow all traffic you can customize or adjust the outbound rule per your organizational policies (optional) add tags to the security group select \[ create security group ] return to the vpc service and go to the endpoints menu select your newly created endpoint so that it is highlighted in blue go to the security groups tab, and select \[ edit security groups ] you can add to or replace the security group associated with the endpoint from the search bar you can associate multiple security groups with a single endpoint after you finish making changes to the security group(s), select \[ save ]