VPC - Part 3: Security Groups and Network ACL in AWS
A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You add rules to each security group that allow traffic to or from its associated instances.
You can modify the rules for a security group at any time; the new rules are automatically applied to all instances that are associated with the security group after a short period. When AWS decides whether to allow traffic to reach an instance, it evaluates all the rules from all the security groups that are associated with the instance.
For example, we will create two security groups:
- One for the database server
- One for the web server
First we add some inbound rules for the web server.
Next we create a security group for the database server.
We want the traffic to come from the web server, so that the database server gets the information it needs from the web server.
We have now created two security groups, one for the web server and one for the database server.
A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.
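As an added example (not code from the original post and not AWS's own API), a small Python model of how the two rule sets described above are evaluated: the database security group allows port 3306 only from instances that belong to the web security group, and the network ACL is a numbered list whose first matching rule wins. The group ids, addresses and port numbers are assumed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Constructed model of the page's setup (not real AWS API calls): a web
# SG open to the internet on 443 and a DB SG that accepts 3306 only from
# members of the web SG. Ids and addresses are made up for the example.
@dataclass
class SgRule:
    proto: str
    from_port: int
    to_port: int
    cidr: Optional[str] = None    # source given as a CIDR block ...
    src_sg: Optional[str] = None  # ... or as another security group id

@dataclass
class Instance:
    ip: str
    sgs: List[str]                # security groups attached to it

SECURITY_GROUPS = {
    "sg-web": [SgRule("tcp", 443, 443, cidr="0.0.0.0/0")],
    "sg-db":  [SgRule("tcp", 3306, 3306, src_sg="sg-web")],
}

def sg_allows_ingress(dst: Instance, src: Instance, proto: str, port: int) -> bool:
    """Security groups carry allow rules only: every rule of every group
    attached to dst is evaluated, and one matching rule is enough."""
    for sg in dst.sgs:
        for r in SECURITY_GROUPS[sg]:
            if r.proto != proto or not (r.from_port <= port <= r.to_port):
                continue
            if r.cidr and ip_address(src.ip) in ip_network(r.cidr):
                return True
            if r.src_sg and r.src_sg in src.sgs:   # matched by group membership
                return True
    return False                                    # no allow rule -> dropped

# Network ACL for the subnet: numbered rules evaluated in ascending order,
# first match wins, and the implicit final rule ("*") denies everything.
NACL = [
    (100, "tcp", 443, 443, "0.0.0.0/0", "allow"),
    (200, "tcp", 22, 22, "203.0.113.0/24", "allow"),
]

def nacl_allows(proto: str, port: int, src_ip: str) -> bool:
    for _num, p, lo, hi, cidr, action in sorted(NACL):
        if p == proto and lo <= port <= hi and ip_address(src_ip) in ip_network(cidr):
            return action == "allow"
    return False
```

Because the DB rule references the web group rather than an address, a new web instance launched into sg-web is accepted by the database automatically, while a client with no security group is refused even though it can reach the web tier.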
VPC - Part 3, reviewed by ohhhvictor on July 02, 2018