Setup security groups

Security Setup

Next, we need to secure the EC2 instances in both environments. First, let's create a security group for the EC2 instance in the development environment.

  • In the Security section of the VPC console
  • Select Security groups
  • Click Create security group

We will enter the following settings for the security group of the EC2 instance in the development environment:

  • Name: dev-ec2-sg
  • Description: Allow SSH and other private connections
  • VPC: select development-vpc
  • In this example, we will restrict SSH access to the EC2 instance in the development environment. In Inbound Rules, add a rule:
    • Type: SSH
    • Source: My IP

Next, create a security group for the EC2 instance in the production environment:

  • Name: prod-ec2-sg
  • Description: Allow SSH and other private connections
  • VPC: select production-vpc
  • Inbound rules:
    • Protocol: SSH; Port range: 22; Source: 10.1.0.0/16 (Dev VPC)
    • Protocol: TCP; Port range: 80; Source: Anywhere IPv4 (0.0.0.0/0). The source should be the imga-nlb-sg security group created below.

In the image, I forgot to add the second inbound rule :D

Once created, we now have the two desired security groups.

Finally, set up a security group for the load balancer and other resources:

  • Name: imga-nlb
  • Description: Allow SSH and other private connections
  • VPC: select production-vpc
  • Inbound rules:
    • Protocol: TCP; Port range: 80; Source: Anywhere IPv4 (0.0.0.0/0)
    • Protocol: ALL; Port range: ALL; Source: prod-ec2-sg

Re-check the security groups once they are all created.
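One way to script the re-check, as an added example that is not part of the original workshop: it walks rules shaped like `aws ec2 describe-security-groups` output and reports any inbound rule open to the whole internet outside an allowlist. The sample data, group IDs, the 203.0.113.10 "My IP" address, and the `rule`, `audit` and `PUBLIC_OK` names are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group IDs and the "My IP" address (203.0.113.10) are placeholders.
def rule(proto, port, cidrs=(), groups=()):
    perm = {"IpProtocol": proto,
            "IpRanges": [{"CidrIp": c} for c in cidrs],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}
    if port is not None:          # protocol "-1" (all traffic) carries no ports
        perm.update(FromPort=port, ToPort=port)
    return perm

SAMPLE = {"SecurityGroups": [
    {"GroupName": "dev-ec2-sg", "GroupId": "sg-dev",
     "IpPermissions": [rule("tcp", 22, ["203.0.113.10/32"])]},
    {"GroupName": "prod-ec2-sg", "GroupId": "sg-prod",
     "IpPermissions": [rule("tcp", 22, ["10.1.0.0/16"]),
                       rule("tcp", 80, ["0.0.0.0/0"])]},
    {"GroupName": "imga-nlb", "GroupId": "sg-nlb",
     "IpPermissions": [rule("tcp", 80, ["0.0.0.0/0"]),
                       rule("-1", None, groups=["sg-prod"])]},
]}

# Assumption: only the load balancer group may accept traffic from anywhere,
# and only on port 80.
PUBLIC_OK = {"imga-nlb": (80, 80)}

def audit(data, public_ok=PUBLIC_OK):
    """Return (group, protocol, from_port, to_port, cidr) for each inbound rule
    open to the whole internet that is not on the allowlist."""
    findings = []
    for sg in data["SecurityGroups"]:
        for perm in sg["IpPermissions"]:
            # All-traffic rules have no port keys: treat them as 0-65535.
            ports = (perm.get("FromPort", 0), perm.get("ToPort", 65535))
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                world = ipaddress.ip_network(cidr, strict=False).prefixlen == 0
                if world and public_ok.get(sg["GroupName"]) != ports:
                    findings.append((sg["GroupName"], perm["IpProtocol"], *ports, cidr))
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print("world-open rule:", f)
```

On the sample, the only finding is the port 80 rule on prod-ec2-sg; replacing its 0.0.0.0/0 source with a reference to the load balancer's group clears it.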