[{"data":1,"prerenderedAt":220},["ShallowReactive",2],{"term-s\u002Fsecurity-group":3,"related-s\u002Fsecurity-group":195},{"id":4,"title":5,"acronym":6,"body":7,"category":174,"description":175,"difficulty":176,"extension":177,"letter":178,"meta":179,"navigation":110,"path":180,"related":181,"seo":189,"sitemap":190,"stem":193,"subcategory":6,"__hash__":194},"terms\u002Fterms\u002Fs\u002Fsecurity-group.md","Security Group",null,{"type":8,"value":9,"toc":168},"minimark",[10,15,19,23,26,30,157,161,164],[11,12,14],"h2",{"id":13},"eli5-the-vibe-check","ELI5 — The Vibe Check",[16,17,18],"p",{},"A security group is a firewall for your cloud resources. You write rules like 'allow port 443 from anywhere' or 'allow port 5432 only from the app servers.' If a rule doesn't exist, the traffic is blocked. It's the bouncer deciding who gets into the VIP cloud party.",[11,20,22],{"id":21},"real-talk","Real Talk",[16,24,25],{},"An AWS Security Group acts as a virtual firewall for EC2 instances, RDS databases, and other resources. It controls inbound and outbound traffic using allow rules (no deny rules — traffic not matched is implicitly denied). Rules specify protocol, port range, and source\u002Fdestination (IP, CIDR, or another security group).",[11,27,29],{"id":28},"show-me-the-code","Show Me The Code",[31,32,37],"pre",{"className":33,"code":34,"language":35,"meta":36,"style":36},"language-bash shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","# Create a security group allowing HTTPS from anywhere\naws ec2 create-security-group \\\n  --group-name web-sg \\\n  --description \"Web server security group\" \\\n  --vpc-id vpc-12345678\n\naws ec2 authorize-security-group-ingress \\\n  --group-id sg-12345678 \\\n  --protocol tcp --port 443 --cidr 0.0.0.0\u002F0\n","bash","",[38,39,40,49,67,78,96,105,112,124,135],"code",{"__ignoreMap":36},[41,42,45],"span",{"class":43,"line":44},"line",1,[41,46,48],{"class":47},"sHwdD","# Create a security group allowing HTTPS from anywhere\n",[41,50,52,56,60,63],{"class":43,"line":51},2,[41,53,55],{"class":54},"sBMFI","aws",[41,57,59],{"class":58},"sfazB"," ec2",[41,61,62],{"class":58}," create-security-group",[41,64,66],{"class":65},"sTEyZ"," \\\n",[41,68,70,73,76],{"class":43,"line":69},3,[41,71,72],{"class":58},"  --group-name",[41,74,75],{"class":58}," web-sg",[41,77,66],{"class":65},[41,79,81,84,88,91,94],{"class":43,"line":80},4,[41,82,83],{"class":58},"  --description",[41,85,87],{"class":86},"sMK4o"," \"",[41,89,90],{"class":58},"Web server security group",[41,92,93],{"class":86},"\"",[41,95,66],{"class":65},[41,97,99,102],{"class":43,"line":98},5,[41,100,101],{"class":58},"  --vpc-id",[41,103,104],{"class":58}," vpc-12345678\n",[41,106,108],{"class":43,"line":107},6,[41,109,111],{"emptyLinePlaceholder":110},true,"\n",[41,113,115,117,119,122],{"class":43,"line":114},7,[41,116,55],{"class":54},[41,118,59],{"class":58},[41,120,121],{"class":58}," authorize-security-group-ingress",[41,123,66],{"class":65},[41,125,127,130,133],{"class":43,"line":126},8,[41,128,129],{"class":58},"  --group-id",[41,131,132],{"class":58}," sg-12345678",[41,134,66],{"class":65},[41,136,138,141,144,147,151,154],{"class":43,"line":137},9,[41,139,140],{"class":58},"  --protocol",[41,142,143],{"class":58}," tcp",[41,145,146],{"class":58}," --port",[41,148,150],{"class":149},"sbssI"," 443",[41,152,153],{"class":58}," --cidr",[41,155,156],{"class":58}," 0.0.0.0\u002F0\n",[11,158,160],{"id":159},"when-youll-hear-this","When You'll Hear This",[16,162,163],{},"\"Open port 3000 in the security group for the dev server.\" \u002F \"The database security group only allows traffic from the app security group.\"",[165,166,167],"style",{},"html pre.shiki code .sHwdD, html code.shiki .sHwdD{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#546E7A;--shiki-default-font-style:italic;--shiki-dark:#676E95;--shiki-dark-font-style:italic}html pre.shiki code .sBMFI, html code.shiki .sBMFI{--shiki-light:#E2931D;--shiki-default:#FFCB6B;--shiki-dark:#FFCB6B}html pre.shiki code .sfazB, html code.shiki .sfazB{--shiki-light:#91B859;--shiki-default:#C3E88D;--shiki-dark:#C3E88D}html pre.shiki code .sTEyZ, html code.shiki .sTEyZ{--shiki-light:#90A4AE;--shiki-default:#EEFFFF;--shiki-dark:#BABED8}html pre.shiki code .sMK4o, html code.shiki .sMK4o{--shiki-light:#39ADB5;--shiki-default:#89DDFF;--shiki-dark:#89DDFF}html pre.shiki code .sbssI, html code.shiki .sbssI{--shiki-light:#F76D47;--shiki-default:#F78C6C;--shiki-dark:#F78C6C}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":36,"searchDepth":51,"depth":51,"links":169},[170,171,172,173],{"id":13,"depth":51,"text":14},{"id":21,"depth":51,"text":22},{"id":28,"depth":51,"text":29},{"id":159,"depth":51,"text":160},"cloud","A security group is a firewall for your cloud resources. You write rules like 'allow port 443 from anywhere' or 'allow port 5432 only from the app servers.","intermediate","md","s",{},"\u002Fterms\u002Fs\u002Fsecurity-group",[182,183,184,185,186,187,188],"VPC","Subnet","AWS","IAM","EC2","RDS","Firewall",{"title":5,"description":175},{"changefreq":191,"priority":192},"weekly",0.7,"terms\u002Fs\u002Fsecurity-group","hmncghkzwh9h2XEVgr7d7deHAByPz-Ve2EAKvreDNCg",[196,201,205,209,213,217],{"title":184,"path":197,"acronym":198,"category":174,"difficulty":199,"description":200},"\u002Fterms\u002Fa\u002Faws","Amazon Web Services","beginner","AWS is like a giant magical warehouse where you can rent computers, storage, databases, and basically anything tech-related — by the minute.",{"title":186,"path":202,"acronym":203,"category":174,"difficulty":176,"description":204},"\u002Fterms\u002Fe\u002Fec2","Elastic Compute Cloud","EC2 is AWS's way of renting you a virtual computer in the cloud. You pick how powerful it is, what OS it runs, and pay by the hour.",{"title":188,"path":206,"acronym":6,"category":207,"difficulty":199,"description":208},"\u002Fterms\u002Ff\u002Ffirewall","networking","A firewall is the bouncer at your network's door. It checks every incoming and outgoing connection against a list of rules and blocks anything suspicious.",{"title":185,"path":210,"acronym":211,"category":174,"difficulty":176,"description":212},"\u002Fterms\u002Fi\u002Fiam","Identity and Access Management","IAM is the permission system for AWS. It controls who (users, roles, services) can do what (read S3, start EC2, invoke Lambda) on which resources.",{"title":187,"path":214,"acronym":215,"category":174,"difficulty":176,"description":216},"\u002Fterms\u002Fr\u002Frds","Relational Database Service","RDS is Amazon's managed database service.",{"title":183,"path":218,"acronym":6,"category":207,"difficulty":176,"description":219},"\u002Fterms\u002Fs\u002Fsubnet","A subnet is a smaller chunk of a larger network, like dividing a city into neighborhoods. All devices in a subnet can talk to each other directly.",1776518311497]