
What is a security group in EC2?

It acts as a virtual firewall for your instance to control inbound and outbound traffic.

How many security groups can be assigned to an instance?

A maximum of 5 security groups can be assigned to an EC2 instance.

Where can we manage security groups in the AWS console?

In the AWS console, go to Network => Security Groups, where you can create, edit, or delete security groups.

Note: when you create a security group, all IPs/ports are blocked by default.

How to assign a security group to an instance?

In the AWS console, select the EC2 instance => Actions => Networking => Change Security Groups

- Security groups are common to the given account and are found under Network => Security Groups
- They can be mapped to a particular instance: AWS console => select instance => Description => Security Group

What information can be found in a security group?

Description => group name, group description, group ID, VPC ID
Inbound     => allow the incoming traffic by different protocols/ports
Outbound    => allow outgoing traffic from the assigned resources

Note:

1) Any change to a security group is immediately reflected in the assigned EC2 instances or other services (Load Balancer)

2) If you create an inbound rule, then the equivalent outbound rule is created automatically

Are security groups stateful?

Yes. If you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules. Likewise, responses to allowed inbound traffic are allowed to flow out, regardless of outbound rules.

How to specify ALL IPs?

0.0.0.0/0 (allow all inbound/outbound IPv4 format)

::0/0 (allow all inbound/outbound IPv6 format)
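
An added example, not part of the original page: because 0.0.0.0/0 and ::0/0 open a rule to every address, a common check is to list the inbound rules that use them. The sketch below scans data in the shape returned by `aws ec2 describe-security-groups`; the sample groups, their IDs and the set of "expected public" ports are constructed assumptions.

```python
import ipaddress

# Constructed sample in the shape returned by EC2 DescribeSecurityGroups
# (e.g. `aws ec2 describe-security-groups`); IDs and names are made up.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0example0000001", "GroupName": "web",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0example0000002", "GroupName": "legacy-admin",
     "IpPermissions": [
         {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
          "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
         {"IpProtocol": "-1",
          "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::0/0"}]}]},
]}

EXPECTED_PUBLIC = {("tcp", 80), ("tcp", 443)}  # assumption: ports meant to be public


def is_any_address(cidr):
    """True for 0.0.0.0/0, ::/0 and equivalent spellings such as ::0/0."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def world_open_rules(response, allowed=EXPECTED_PUBLIC):
    """Return inbound rules open to every address, minus expected public ports."""
    findings = []
    for group in response["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            proto = perm["IpProtocol"]
            if proto == "-1":  # "-1" means all protocols and all ports
                ports = "all"
            else:
                lo, hi = perm.get("FromPort"), perm.get("ToPort")
                if lo == hi and (proto, lo) in allowed:
                    continue
                ports = str(lo) if lo == hi else f"{lo}-{hi}"
            findings += [(group["GroupId"], proto, ports, c)
                         for c in cidrs if is_any_address(c)]
    return findings


if __name__ == "__main__":
    for finding in world_open_rules(SAMPLE):
        print(*finding)
```

To run it against a real account, pass in the parsed JSON output of `aws ec2 describe-security-groups` instead of SAMPLE.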

Can the default security group be deleted?
No, the default security group can't be deleted

How can we block a port or range of ports?
It can be done in a Network ACL

> Note: A network access control list (ACL) is stateless. It applies at the subnet level.