Security Group question

Question

I'm such a newbe to all this AWS stuff, so don't laugh too hard. I'm trying to setup a very simple security group for my project instance. Basically, I'm building an instance that currently will only be accessed by me and one other "test person", who won't be doing anything other than viewing my pixel stream of my project progress and providing end user input. My hopes are to expand this one non-development test user to as many as 20 individuals, again only as viewers and not developers. I'm trying to figure out how to structure a security group for this scenario and have no clue how to do it or what input I should create.

Accepted Answer

No worries, we were all newbies at one time.

Simplifying things a lot, security groups are basically an allow list that allows traffic on certain ports from certain IP addresses.

Some documentation to start you off is at https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html and https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules.html

For your use case you may want to have access from your IP address on port 22 (to administer and underlying Linux instance), and some application-specific ports that need to be open.

You might not want to give the test user access at the platform level, so they might only need a subset of the application ports open from their IP address.

It's probably worth pointing out here that security groups are nothing to do with authenticating users, they're can't be used alongside passwords etc. to restrict access to the host.

Security Group question

相關內容