This is our first lesson in the Introduction to Security Management series. This lesson will focus on the fundamentals of AWS security groups.

So you're moving to the cloud and you're starting to use the AWS environment to run your instances, to run your computers, and you need to secure them. So the first thing you want to do when you're using the AWS firewall is to realize that a central concept in the AWS firewall is a security group. A security group is something like this: it's what you would normally call a policy if you're used to other firewall vendors. It's a collection of rules, it's a list of rules. So here we see some rules for TCP port 22, so SSH, and UDP port 123, so NTP, and they're ordered in this way.

If you look at this and you're used to other firewalls, then you can see that things are missing. The first thing that's missing is the action: there's no action to say if this rule is allowing or dropping the traffic. That's because in AWS firewalls the action is always allow. You cannot write deny rules; all the rules are positive rules, they all allow the traffic that you specified.

The second thing that you can see is missing is that there is no destination. There is a source where the traffic is allowed to come from, in this case from one one one, but there's no destination, and the reason is that in the AWS firewall the destination is always me: it is always the instance on which this particular security group is applied. So you can write a single security group and apply it to multiple instances, and the security group will adapt itself and will allow the traffic to the IP address of that instance where it's applied. So this is convenient, and as I said you can apply the same security group to multiple instances, much like you apply the same policy on a traditional firewall to multiple firewalls. You can apply the same policy in multiple firewalls; you can apply the same security group to multiple instances. This is more or less something that we're used to.

However, when you're in the Amazon environment, Amazon has done something that we're less used to, and that is you can actually apply multiple security groups to a single instance. So you actually have a many-to-many relationship: you can add multiple security groups associated with multiple instances, and the way it works is that an instance can inherit the rules from all the security groups that are associated with it.

So for instance, here I have in this example two security groups. One is for Linux services; this is suitable for instances running the Linux operating system, so allowing management, remote management, of those computers. And I have another security group that's suitable for web services. So if you have instances that are functioning as web servers, a web server regardless of the operating system, then you need to allow HTTP and HTTPS to reach that web server. So you have a functional group of rules for web servers and you have another functional list of rules based on the operating system, and you can mix and match them. So you can apply the Linux services security group to all the Linux-based instances, and you can apply the blue web services security group to all the instances that function as web servers, regardless of the operating system that they're running. And you can see that, for instance, this instance inherits both these security groups because it's running the Linux operating system and it's functioning as a web server.

And you can use this type of arrangement to have multiple security groups, each focused on a particular function or operating system or campaign or what have you, and then you can mix and match them and apply them to the instances to suit your needs.

Thank you for your attention and see you next time in the next class.
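The three properties the lecture describes (allow-only rules with an implicit drop, rules that carry a source but no destination, and an instance inheriting the union of every group attached to it) can be modelled in a few lines. The following is an added example written for this page, not code from the lecture or from AWS; the group names, ports and source ranges are constructed for illustration, and the model deliberately leaves out egress rules and the stateful connection tracking that real AWS security groups also have.

```python
"""Toy model of AWS security-group evaluation as described in the lecture.

Added example (not the lecture's or AWS's code). Group names, ports and
addresses below are constructed for illustration.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    protocol: str  # "tcp" or "udp"
    port: int      # port on the instance the rule protects
    source: str    # CIDR the traffic may come from; there is no destination field,
                   # because the destination is always the instance itself


@dataclass(frozen=True)
class SecurityGroup:
    name: str
    rules: tuple   # every rule is an allow rule; ordering carries no meaning


# Constructed groups mirroring the lecture's two functional groups.
LINUX_SERVICES = SecurityGroup("linux-services", (
    Rule("tcp", 22, "203.0.113.0/24"),   # SSH from a constructed admin range
    Rule("udp", 123, "203.0.113.0/24"),  # NTP from the same range
))
WEB_SERVICES = SecurityGroup("web-services", (
    Rule("tcp", 80, "0.0.0.0/0"),        # HTTP from anywhere
    Rule("tcp", 443, "0.0.0.0/0"),       # HTTPS from anywhere
))


def effective_rules(groups):
    """An instance inherits the union of the rules of all attached groups.

    Because the result is a set, attaching groups in a different order, or
    attaching a group twice, yields the same effective rule set.
    """
    return {rule for group in groups for rule in group.rules}


def is_allowed(groups, protocol, port, src_ip):
    """Allow-only evaluation: a packet passes if any inherited rule matches it.

    There is no deny rule to consult; anything unmatched is implicitly dropped.
    Attaching another group can therefore only widen what an instance accepts.
    """
    src = ip_address(src_ip)
    return any(
        rule.protocol == protocol
        and rule.port == port
        and src in ip_network(rule.source)
        for rule in effective_rules(groups)
    )


if __name__ == "__main__":
    # Constructed instances: which groups each one has attached.
    instances = {
        "linux-web-01": [LINUX_SERVICES, WEB_SERVICES],  # inherits both
        "windows-web-01": [WEB_SERVICES],                # web only, no SSH/NTP
        "linux-db-01": [LINUX_SERVICES],                 # management only
    }
    probes = [("tcp", 22, "203.0.113.10"), ("tcp", 443, "198.51.100.7"),
              ("tcp", 22, "198.51.100.7"), ("tcp", 3389, "203.0.113.10")]
    for name, groups in instances.items():
        for proto, port, src in probes:
            verdict = "allow" if is_allowed(groups, proto, port, src) else "drop"
            print(f"{name:15} {proto}/{port:<5} from {src:15} -> {verdict}")
```

The last probe in the demo (TCP 3389 from the admin range) is dropped on every instance even though no rule mentions it; that is the implicit deny the lecture points at when it says all rules are positive. The model also makes the review question for a multi-group instance concrete: since groups can only add permissions, auditing an instance means looking at the union of everything attached to it, not at any single group.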