From the course: Running Microsoft Workloads on AWS

Creating a security group

- [Instructor] So let's take a look at how to create a security group in AWS. Now, before I get started, I need to explain that a security group in AWS is a lot different than a security group as Microsoft would define it. In Microsoft speak, a security group is essentially a group of users that are given access to some resource. In AWS, a security group is really just a software firewall. So let's go ahead and get started. Right now, I'm logged in to the AWS console, and I've got the list of available services on the screen. So I'm going to go into EC2, which you can find in the Compute section, right here. So I'll click on EC2, and that's going to bring up the EC2 dashboard. And at this point, you'll see a list of the various EC2 components up at the top of the screen. And if you look at Security Groups, you can see that I've currently got six security groups, but let's go ahead and take a look at our existing security groups and create a new one. I'll go ahead and click on Security Groups, and here you can see my existing security groups. Now we could very easily create a new security group by clicking on the big blue button that says Create Security Group, but before I do that, I just want to take a look at one of the existing security groups. So what I'm going to do is select this checkbox, and then I'm going to go to Action, and you can see that we have Edit Inbound Rules and Edit Outbound Rules, so this truly is a software firewall. So I'm going to click on Edit Inbound Rules just so you can see what this looks like. And you can see that this particular security group has one inbound rule, and it allows RDP, or Remote Desktop Protocol traffic in the form of TCP on Port 3389. And we could add additional inbound rules by clicking Add Rule. So I'm going to cancel out of this and now let's go ahead and create a new security group. So I'm going to click on the Create Security Group button, and this is going to bring up the Create Security Group screen.
So the first thing that I have to do is provide a name for the security group that I'm creating. I'm just going to call this Demo. Then the next thing that I have to do is enter a description for the security group. Now entering a description is always a best practice, but in most cases in AWS it's optional. Here however, you have to enter a description. So I'm going to go ahead and enter a description. I'll just type, Lab Security Group, and then we have to choose the Virtual Private Cloud, or VPC that we want to associate the security group with. Now, I've only got one VPC, but if I had more than one, then I could click the down arrow right here and select the VPC that I want to associate the security group with. Then the next step in the process is to create inbound and/or outbound rules. So you can see that I've got an Inbound tab and I've got an Outbound tab. So I'm going to go back to Inbound, and let's just create a rule. I'll click Add Rule, and so the first thing that we want to do is choose the type of rule that we want to create. And the nice thing about this is that Amazon has gone ahead and predefined a number of different protocols for us. So if I click the down arrow right here, we can see all sorts of different protocols. We have things like HTTP, POP3, IMAP, LDAP, HTTPS. So let's just do something really simple and create an HTTP rule. When I click HTTP, we can see that this rule is going to allow TCP packets on Port 80 to come in to the firewall. And we didn't even have to know that HTTP is normally mapped to Port 80. Port 80 was populated by default for us. So now, I could simply click, Add Rule again, or I could click Create to create the security group. Now before I do there's one last thing that we have to do, though. You'll notice that we've got another description field right here, so I'm going to go ahead and populate this. I'm just going to type, Allow Web Traffic. And so now, I click Create. And the new security group is created. 
You can see it right here. So that's how you create a security group in AWS.
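
The console steps in the transcript above map onto two EC2 API calls. The following is an added example, not part of the course or the instructor's material: it builds the same Demo group with boto3's `create_security_group` and `authorize_security_group_ingress` parameters. The source CIDR, the `vpc-EXAMPLE` and `sg-EXAMPLE` placeholders, the `RecordingClient` stand-in and the check that refuses a world-open RDP rule are assumptions added here; the transcript does not state a source range.

```python
import ipaddress

# Console "Type" presets mentioned in the walkthrough, mapped to (protocol, port).
PRESETS = {"HTTP": ("tcp", 80), "HTTPS": ("tcp", 443), "RDP": ("tcp", 3389)}
ADMIN_PORTS = {3389}  # added check: remote-administration ports are not opened to every address


def inbound_rule(rule_type, source_cidr, description):
    """Build one IpPermissions entry, the API form of a console inbound rule."""
    protocol, port = PRESETS[rule_type]
    network = ipaddress.ip_network(source_cidr)  # raises ValueError on a malformed CIDR
    if port in ADMIN_PORTS and network.prefixlen == 0:
        raise ValueError(f"{rule_type} must not be open to {source_cidr}")
    key, cidr_key = ("IpRanges", "CidrIp") if network.version == 4 else ("Ipv6Ranges", "CidrIpv6")
    return {"IpProtocol": protocol, "FromPort": port, "ToPort": port,
            key: [{cidr_key: str(network), "Description": description}]}


def create_group(ec2, name, description, vpc_id, rules):
    """Create the group, then attach its inbound rules; returns the new group id."""
    if not description:  # the description is mandatory for security groups
        raise ValueError("a security group description is required")
    group_id = ec2.create_security_group(
        GroupName=name, Description=description, VpcId=vpc_id)["GroupId"]
    ec2.authorize_security_group_ingress(GroupId=group_id, IpPermissions=rules)
    return group_id


class RecordingClient:
    """Offline stand-in for boto3.client("ec2") that records the calls it receives."""
    def __init__(self):
        self.calls = []

    def create_security_group(self, **kwargs):
        self.calls.append(("create_security_group", kwargs))
        return {"GroupId": "sg-EXAMPLE"}  # constructed placeholder id

    def authorize_security_group_ingress(self, **kwargs):
        self.calls.append(("authorize_security_group_ingress", kwargs))
        return {"Return": True}


if __name__ == "__main__":
    client = RecordingClient()  # swap in boto3.client("ec2") to run against a real account
    rule = inbound_rule("HTTP", "0.0.0.0/0", "Allow Web Traffic")  # assumed source range
    create_group(client, "Demo", "Lab Security Group", "vpc-EXAMPLE", [rule])
    for call in client.calls:
        print(call)
```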