AWS Classroomnotes 25/Jun/2023

AWS Networking Contd


  • Create two EC2 instances in two subnets of the default VPC.
  • Try connecting to these EC2 instances from your system, and also connecting between the EC2 instances.
  • Try repeating the above steps by creating your own VPC.

Case 1: Default VPC with 2 EC2 instances in two subnets with public IPs

  • Created two EC2 instances with a security group rule that opens port 22

Case 2: Custom VPC with 2 EC2 instances

  • If the internet gateway (IGW) is attached and connected to the default route table, and there is no other route table, then it works like the default VPC

Security Groups

  • Security groups are like firewalls around network interfaces (ec2)
  • Security groups will have only allow rules
  • Security groups belong to vpc
  • Security group has two rule categories
    • incoming/ingress/inbound
    • outgoing/egress/outbound
  • Each rule consists of the following
    • source/destination address
    • protocol
    • port
  • A network interface can have multiple security groups attached to it.
  • Every vpc will have a default security group
    • inbound: all traffic is allowed from a specific security group
    • outbound: all traffic is allowed
  • Let's try creating a security group without changing any rules
    • the default when creating one is no inbound rules and everything allowed outbound
  • Protocols supported in SG are
    • TCP
    • UDP
    • ICMP
  • The other layer of security is added by the network ACL
  • We will discuss this layer of security in the next session
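
The rule semantics listed above (allow-only rules, several groups on one interface, the default group, a newly created group), as an added example that is not part of the original notes: a small offline Python model over constructed data shaped like `aws ec2 describe-security-groups` output. The group IDs and IP addresses are made up, the default group is modelled as referencing itself, and ICMP type/code matching is not modelled.

```python
import ipaddress

# Constructed sample groups, shaped like `aws ec2 describe-security-groups` output.
DEFAULT_SG = {"GroupId": "sg-default", "IpPermissions": [   # inbound: all traffic from a group
    {"IpProtocol": "-1", "IpRanges": [], "UserIdGroupPairs": [{"GroupId": "sg-default"}]}]}
NEW_SG = {"GroupId": "sg-new", "IpPermissions": []}          # newly created: no inbound rules
SSH_SG = {"GroupId": "sg-ssh", "IpPermissions": [            # Case 1: port 22 opened
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "UserIdGroupPairs": []}]}


def rule_matches(rule, protocol, port, src_ip, src_groups=()):
    """True if one inbound allow rule covers this traffic (ICMP type/code not modelled)."""
    if rule["IpProtocol"] not in ("-1", protocol):   # "-1" means all protocols
        return False
    if rule["IpProtocol"] in ("tcp", "udp") and not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    addr = ipaddress.ip_address(src_ip)
    by_cidr = any(addr in ipaddress.ip_network(r["CidrIp"]) for r in rule.get("IpRanges", []))
    by_group = any(p["GroupId"] in src_groups for p in rule.get("UserIdGroupPairs", []))
    return by_cidr or by_group


def inbound_allowed(attached_sgs, protocol, port, src_ip, src_groups=()):
    """Allow-only semantics: traffic passes if any rule in any attached group matches."""
    return any(rule_matches(rule, protocol, port, src_ip, src_groups)
               for sg in attached_sgs for rule in sg["IpPermissions"])


def open_to_internet(sg, protocol, port):
    """Audit check: does a 0.0.0.0/0 source range in this group admit protocol/port?"""
    return any(rule_matches({**rule, "IpRanges": [r], "UserIdGroupPairs": []},
                            protocol, port, "198.51.100.7")
               for rule in sg["IpPermissions"]
               for r in rule.get("IpRanges", []) if r["CidrIp"] == "0.0.0.0/0")


if __name__ == "__main__":
    for name, sgs in [("new", [NEW_SG]), ("ssh", [SSH_SG]), ("new+ssh", [NEW_SG, SSH_SG])]:
        print(name, inbound_allowed(sgs, "tcp", 22, "203.0.113.10"))
    print("ssh group exposes 22 to the internet:", open_to_internet(SSH_SG, "tcp", 22))
```

Because there are no deny rules, attaching a second group can only widen what an interface accepts; the `open_to_internet` check is the kind of audit to run over any group that opens port 22.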


About continuous learner

devops & cloud enthusiastic learner