Over a million developers have joined DZone.

Amazon EC2 Security Groups

DZone's Guide to

Amazon EC2 Security Groups

· Cloud Zone ·
Free Resource

Learn how to migrate and modernize stateless applications and run them in a Kubernetes cluster.

Many of our customers run their environment on Amazon EC2, and a popular question that comes up is the configuration of security groups in EC2.

For a definition, let’s have a look at the EC2 developer guide:

security group acts as a firewall that controls the traffic allowed into a group of instances. When you launch an Amazon EC2 instance, you can assign it to one or more security groups. For each security group, you add rules that govern the allowed inbound traffic to instances in the group. All other inbound traffic is discarded. You can modify rules for a security group at any time. The new rules are automatically enforced for all existing and future instances in the group.

So, each instance must use a security group. In this post, I’ll detail what values should be given to the different security groups you have.

  1. Database servers
    1. Open ports
      1. TCP: 3306 (unless a different port is used for the database)
    2. Address
      1. IP address for every ScaleBase instance
  2. ScaleBase instances
    1. Open ports
      1. TCP: 9000
    2. Address
      1. Every application server you have.
  3. ScaleBase management
    1. Open ports
      1. TCP: 2701
    2. Address
      1. Your organization’s IP address range (or specific IP for users who use the admin console)


Source: http://www.scalebase.com/amazon-ec2-security-groups/

Join us in exploring application and infrastructure changes required for running scalable, observable, and portable apps on Kubernetes.


Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}