Resolution
----------

New security groups have only an outbound rule to allow traffic by default. Security groups associated with an Amazon EC2 instance control inbound and outbound traffic for the instance. You must add rules to security groups to allow inbound traffic or restrict outbound traffic with your Amazon Virtual Private Cloud (Amazon VPC).

For example, applications hosted on port 80 or 443 on the Amazon EC2 instance must allow users to connect with an inbound rule. For HTTP traffic, add an inbound rule on port 80 from the source address 0.0.0.0/0. For HTTPS traffic, add an inbound rule on port 443 from the source address 0.0.0.0/0. For more information, see [Example inbound and outbound rules](https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#security-group-rule-examples).

To create a new security group, see [Create a security group](https://docs.aws.amazon.com/vpc/latest/userguide/security-groups.html#creating-security-groups). To add rules to a security group, see [Add rules to a security group](https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html#adding-security-group-rules).

To assign a security group on an Amazon EC2 instance when you launch the instance, see [Assign a security group to an instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#assigning-security-group).

To modify a security group after an instance is launched, see [Change an instance's security group](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-security-groups.html#changing-security-group).

For more information, see [Control traffic to your AWS resources using security groups](https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html).

Related information
-------------------

[Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html)

I want to allow access to an application on my Amazon Elastic Compute Cloud (Amazon EC2) instance using security groups.

Allow access to EC2 applications with a security group

How do I allow access to an application on an EC2 instance with a security group?

Compute

Allow Listing in AWS Security Groups

How can I find the resources associated with an Amazon EC2 security group?

How can I copy rules from an existing security group to a new security group?

How do I restrict access to SSH port 22 in my Elastic Beanstalk instance security group to a specific CIDR or security group?

Why can't I connect to a service when the security group and network ACL allow inbound traffic?

Allow Internet Access based on DNS, Outbound Security Group only allow to enter IP Address not DNS name..

Network Firewall, stateful rules engine allows traffic to pass by default, while the security groups default is to deny traffic

How to setup an EC2 Security Group to only allow inbound traffic on a port from the API Gateway only

What rules should I add to my custom security group to avoid using the default VPC security group and still pass the health check?

Security Group to allow aws cli

How do I allow access to an application on an EC2 instance with a security group?

Resolution

Related information

Relevant content