AWS Security Groups act like a firewall for your Amazon EC2 instances, controlling both inbound and outbound traffic. They are very flexible and allow you to specify what type of traffic is allowed into and out of your EC2 instances. Because you have full control over which traffic patterns and inbound connectivity you allow, it is important to mitigate as much risk as possible when opening management and communication ports into your EC2 instances. Put an approach of least access in place and grant access only to endpoints that require it. For this reason, DNS should not be opened up to the internet; keeping it restricted is considered an EC2 security best practice. Ensuring that this communication is restricted will help you with NIST, GDPR & PCI-DSS compliance.
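One way to audit for this, as an added example that is not part of the original page: the function below scans security groups in the shape returned by the EC2 `DescribeSecurityGroups` API and reports inbound rules that expose DNS to any address. It assumes DNS on TCP/UDP port 53; the group IDs and rules in the sample are constructed.

```python
import ipaddress

DNS_PORT = 53  # assumption: standard DNS port (TCP and UDP); the page only says "DNS"

def _is_world_open(cidr):
    """True for 0.0.0.0/0 or ::/0, i.e. any network with prefix length 0."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def _covers_dns(perm):
    """True if the rule's protocol and port range include DNS."""
    proto = perm.get("IpProtocol")
    if proto == "-1":  # "-1" means all protocols and all ports
        return True
    if proto not in ("tcp", "udp"):
        return False
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    return lo is not None and hi is not None and lo <= DNS_PORT <= hi

def find_open_dns(groups):
    """Return (group_id, protocol, cidr) for each inbound rule exposing DNS to the internet."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            if not _covers_dns(perm):
                continue
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                if _is_world_open(cidr):
                    findings.append((group["GroupId"], perm["IpProtocol"], cidr))
    return findings

# Constructed sample data in the DescribeSecurityGroups response shape.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0example1", "IpPermissions": [  # DNS/UDP open to the world
        {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example2", "IpPermissions": [  # DNS restricted to an internal range
        {"IpProtocol": "tcp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
    {"GroupId": "sg-0example3", "IpPermissions": [  # wide port range over IPv6 still covers 53
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024, "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0example4", "IpPermissions": [  # all-protocol rule covers DNS too
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0example5", "IpPermissions": [  # HTTPS only, not a DNS finding
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

if __name__ == "__main__":
    for group_id, proto, cidr in find_open_dns(SAMPLE_GROUPS):
        print(f"{group_id}: DNS reachable from {cidr} (protocol {proto})")
```

Against a live account, the same function can be fed the `SecurityGroups` list from boto3's `describe_security_groups()` for each region.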