Skip to main content

How to Update AWS EC2 Security Group

               How to Update AWS EC2 Security Group


While launching an Amazon EC2 instance, determining a security group is essential to protect your cluster. A security group (SG) is nothing but a virtual firewall that restricts traffic for several EC2 instances. You can create this security group in either EC2-Classic or EC2-VPC. When launching an Amazon EC2 instance, you need to specify its security group.  It allows you to choose which protocols and ports are open to computers over the internet.  You can choose to use the default security group and then customize it, or you can create your own security group.  Configuring a security group can be done with code or using the Amazon EC2 management console.
In the process of Launch an Instance, we created a security group that enabled HTTP over port 80. The security group allows all traffic to access the Amazon EC2 instance directly over HTTP/ 80. because of an Elastic Load Balancer. But a more secure method is, to allow only the load balancer to access your Amazon EC2 instance. In addition, because we have launched two new instances with our Auto Scaling group, we want all the instances to access the information from one database so that the information presented to the user will stay in sync. To do so, we need to set up a new rule so that the new instances can query the database on the original instance by using MySQL. In this task, you will update your security group to allow only the load balancer to access your Amazon EC2 instance, over HTTP/ 80 and allow only the instances inside the webappsecuritygroup to accept inbound traffic over 3306/ MySQL. There are several ways you can set up your database, including setting up a dedicated database server or using Amazon RDS. Setting up a database is beyond the scope of this document. For more information about setting up Amazon RDS for your web application, go to Step 8: Add Amazon RDS inside the Getting Started Guide Web Application Hosting for Linux.
Things to be considered:
  • A security group’s permission includes rules that apply to IP protocols.
  • Once a security group’s name is specified, it cannot be changed.
  • You must assign each server to at least one server group.
  • Assign different security groups for different deployments in your Dashboard.
Configuring your security group:
  • Open the Amazon EC2 console at https:// console.aws.amazon.com/ ec2/.
  • In the Navigation pane, in the Region list, click US East (Virginia).
  • In the Navigation pane, click Security Groups.
  • On the Security Groups page, click the security group webappsecuritygroup that you created in the previous procedure.
  • Under Security Group, click the Inbound tab.
  • In the row that displays port 80 (HTTP), click Delete.
  • In the Create a new rule list, click HTTP.
  • In the Source box, type amazon-elb/ amazon-elb-sg. This is the name of the security group that AWS assigns to the Elastic Load Balancer. Click Add Rule.
  • In the create a new rule drop-down box, click MYSQL.
  • In the source box, type webappsecuritygroup. Select the security group ID for the webappsecuritygroup when it appears.
  • Click add a  rule.
  • Click apply rule changes.
?
Note: The rules of this security group will be enforced when the instances that use these rules are launched.
Now that you have configured your Amazon EC2 security group, you can move on to further post Launch Amazon EC2 Instances Using Auto Scaling.

Comments

Post a Comment

Popular posts from this blog

AWS S3 Simple Storage Service

                             Amazon  S3  (Simple Storage Service) Amazon Simple Storage Service is storage for the Internet. It is designed to make web-scale computing easier for developers. Amazon  S3  has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web. What Is Amazon S3? Amazon Simple Storage Service is storage for the Internet. It is designed to make web-scale computing easier for developers. Amazon S3 has a simple web services interface that you can use to store and retrieve any amount of data, at any time, from anywhere on the web. It gives any developer access to the same highly scalable, reliable, fast, inexpensive data storage infrastructure that Amazon uses to run its own global network of web sites. The service aims to maximize benefits of scale and to pass those benefit...
37 comments
Read more

AWS Route 53 & Routing Policy

Amazon Route 53 You can use Amazon Route 53 to register new domains, transfer existing domains, route traffic for your domains to your AWS and external resources, and monitor the health of your resources. Amazon  Route 53  ( Route 53 ) is a scalable and highly available Domain Name System (DNS). It is part of Amazon.com's cloud computing platform, Amazon Web Services (AWS). The name is a reference to TCP or UDP port  53 , where DNS server requests are addressed. ...  Route 53's  servers are distributed throughout the world. DNS management If you already have a domain name, such as example.com, Route 53 can tell the Domain Name System (DNS) where on the Internet to find web servers, mail servers, and other resources for your domain. Learn More Traffic management Route 53 traffic flow provides a visual tool that you can use to create and update sophisticated routing policies to route end users to multiple endpoints for your application. Le...
6 comments
Read more

Amazon EBS Elastic Block Store

     Amazon Elastic Block Store Amazon  Elastic Block Store  (Amazon  EBS ) provides persistent block storage volumes for use with Amazon EC2 instances in the  AWS  Cloud. Each Amazon  EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability. Amazon Elastic Block Store (Amazon EBS) provides persistent block storage volumes for use with  Amazon EC2  instances in the AWS Cloud. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability. Amazon EBS volumes offer the consistent and low-latency performance needed to run your workloads. With Amazon EBS, you can scale your usage up or down within minutes – all while paying a low price for only what you provision. Amazon EBS is designed for application workloads that benefit from fine tu...
18 comments
Read more