AWS Certified Solutions Architect - Professional
  • AWS Certified Solutions Architect - Professional
  • Accounts & Permissions
    • AWS Organizations
    • Service Control Policies
    • Security Token Service
    • Permissions Boundaries
    • Permissions Evaluation
    • AWS Resource Access Manager
    • Service Quotas
  • ADVANCED IDENTITIES & FEDERATION
    • SAML2.0 Identity Federation
    • IAM Identity Center
    • Amazon Cognito
    • Amazon Workspaces
    • Directory Service
    • AWS Control Tower
  • NETWORKING & HYBRID
    • Private and Public AWS Services
    • DHCP In a VPC
    • VPC Router
    • Stateful vs Stateless Firewalls
    • Network Access Control Lists
    • Security Groups
    • AWS Local Zones
    • Border Gateway Protocol
    • AWS Global Accelerator
    • IPSec VPN
    • Site2Site VPN
    • Transit Gateway
    • VPC Routing
    • Accelerated Site-to-Site VPN
    • AWS Client VPN
Powered by GitBook
On this page
  1. NETWORKING & HYBRID

Security Groups

Last updated 4 hours ago

  • A security group acts as a virtual firewall to control inbound and outbound traffic for your Elastic Network Interfaces (ENIs).

  • Security groups are applied at the ENI level, not the subnet level.

⚙️ Key Features

  • Inbound & Outbound Traffic:

    • Inbound: Controls the traffic coming into an ENI.

    • Outbound: Controls the traffic leaving an ENI.

  • Stateful:

    • If you allow incoming traffic, the response traffic is automatically allowed, regardless of outbound rules.

  • Applies to ENIs:

    • Security groups are associated with ENIs, meaning they can be applied to individual network interfaces in your instances.

🧠 Quick Summary

Feature
Description

Purpose

Control inbound and outbound traffic at the ENI level

Applied To

Elastic Network Interfaces (ENIs)

Stateful Nature

Automatically allows return traffic for approved inbound traffic