Amazon Cloud Server Security Rules

In this tutorial, I will go into detail about how to set up security rules for a Linux AMI in an Amazon EC2 web server instance.

When creating your instance, click Instances in the main navigation and then choose to add a new instance. In the step that asks you to create or select a security group, you will in most cases want to create one of your own, unless one of the default groups happens to cover your needs, which I doubt. Below, I go over the rules for a Linux server with a MySQL database and then for a Linux server with a PostgreSQL database. Both are web servers, of course.

Security rules for Linux MySQL Web server

Ports Protocol Source
21 tcp 0.0.0.0/0
22 tcp 0.0.0.0/0
80 tcp 0.0.0.0/0
443 tcp 0.0.0.0/0
49152-65535 tcp 0.0.0.0/0
0-65535 udp 0.0.0.0/0
-1 icmp 0.0.0.0/0

When creating your instance, you will be given the opportunity to enter the above rules. Simply follow the table and duplicate the rules, and your web server with Linux and MySQL will work just fine, as mine does.

 

Security rules for Linux PostgreSQL web server

Ports Protocol Source
21 tcp 0.0.0.0/0
22 tcp 0.0.0.0/0
80 tcp 0.0.0.0/0
443 tcp 0.0.0.0/0
5432 tcp 0.0.0.0/0
5434 tcp 0.0.0.0/0
5499 tcp 0.0.0.0/0
49152-65535 tcp 0.0.0.0/0
0-65535 udp 0.0.0.0/0
-1 icmp 0.0.0.0/0

Regardless of which setup you choose, the rules are entered the same way when you create the instance from your Amazon Management Console. Most of you will probably be using a MySQL database, but as a web developer, I do have a couple of clients that use a PostgreSQL database, so it is relevant information for some people.
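An added example, not part of the original tutorial: a Python check that reads a security group in the JSON shape returned by `aws ec2 describe-security-groups` and lists every rule reachable from 0.0.0.0/0 other than the web ports 80 and 443, so you can review what each rule set exposes before launch. The sample group is constructed from the PostgreSQL table above; the function names and the choice of 80/443 as the expected public ports are assumptions.

```python
import ipaddress
import json

# Ports a public web server is expected to expose to everyone (assumption).
PUBLIC_WEB_PORTS = {80, 443}

# Constructed sample: the PostgreSQL rule table above, in the JSON shape
# returned by `aws ec2 describe-security-groups`.
SAMPLE = json.dumps({"SecurityGroups": [{
    "GroupName": "Linux_PostgreSQL",
    "IpPermissions": [
        {"IpProtocol": p, "FromPort": lo, "ToPort": hi,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
        for p, lo, hi in [
            ("tcp", 21, 21), ("tcp", 22, 22), ("tcp", 80, 80),
            ("tcp", 443, 443), ("tcp", 5432, 5432), ("tcp", 5434, 5434),
            ("tcp", 5499, 5499), ("tcp", 49152, 65535),
            ("udp", 0, 65535), ("icmp", -1, -1)]
    ]}]})


def is_world_open(cidr):
    """True when the CIDR matches every IPv4 address (prefix length 0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0


def world_open_findings(describe_json):
    """Return (group, protocol, port range) for every rule reachable from
    any address, except single-port TCP rules for the public web ports."""
    findings = []
    for group in json.loads(describe_json)["SecurityGroups"]:
        for perm in group.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            if not any(is_world_open(c) for c in cidrs):
                continue
            proto = perm["IpProtocol"]
            lo, hi = perm.get("FromPort", -1), perm.get("ToPort", -1)
            if proto == "tcp" and lo == hi and lo in PUBLIC_WEB_PORTS:
                continue  # expected public web listener
            ports = "all" if lo == -1 else (str(lo) if lo == hi else f"{lo}-{hi}")
            findings.append((group["GroupName"], proto, ports))
    return findings


if __name__ == "__main__":
    for name, proto, ports in world_open_findings(SAMPLE):
        print(f"{name}: {proto} {ports} is open to 0.0.0.0/0")
```

To run it against a live group, pass the output of `aws ec2 describe-security-groups` to `world_open_findings` in place of the constructed sample.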

Tips for creating Security Groups for an Amazon EC2 Instance

There are some things you should be aware of when creating your security groups. I included the following tips so that beginning web developers do not face the same problems I did when I first started in the cloud:

  1. Give your security groups descriptive names, such as Linux_MySQL or Linux_PostgreSQL for the two above.
  2. When launching a new instance, you can reuse security groups, but it seems as if they do not show up in the management console. Well, they do, but they will say “no rules”, and yet they work, so this is something I will follow up on in other posts as I learn more.
