Securing my EC2 instances


Hi, I am pretty new to AWS. I have full admin access to the console.
We have 4 ec2 instances (DB, Proxy, UI and API). These servers are responsible for the website we have hosted on them.

  1. How do I make them secure so that they are not prone to any attackers? Any best practices, documentation would be helpful.
  2. Currently, the DB guy has locked down SSH to only his static IP (on his local machine). He uses it when there is a need to update Database using scripts. Can there be a workaround for that as this is a bottle neck situation for us with full dependency on him.
asked 2 months ago385 views
1 Answer

Hi, I am trying not to be too techie on this. You can make use of a mesh of the following:

  1. Security Groups: Think of these as virtual firewalls. You'll create different groups for your database, proxy, UI, and API servers. These groups will determine who can access them and through which ports. For example, you might only allow access to your database from the proxy server on a specific port.

  2. Outbound Traffic Control: By default, block all outgoing network traffic and only allow the ones you explicitly need. This ensures that your servers don't communicate unexpectedly with the outside world.

  3. IAM (Identity and Access Management): This is like setting up user accounts and permissions. You'll create separate accounts for administrators and developers and give them access only to what they need to do their jobs.

  4. Encryption at Rest: Make sure your data is safe even when it's stored. Encrypt the volumes where your data resides to protect it from unauthorized access.

  5. Secure Remote Access: Access your EC2 instances securely without needing to open traditional ports like SSH. This tool ensures your sessions are encrypted and can support additional layers of authentication for added security.

  6. Web Application Firewall (WAF): If you have web applications, consider using a firewall to filter incoming traffic. This helps protect your applications from common online threats.

  7. Monitoring Access Logs: Keep an eye on who's trying to access your servers and take action if you detect any unauthorized attempts. This helps maintain the security of your system.

profile picture
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions