Programming Amazon Web Services

by James Murty
March 2008
Intermediate to advanced
604 pages
18h 38m
English
O'Reilly Media, Inc.
Content preview from Programming Amazon Web Services

Network Security by IP

When you launch an EC2 instance, the first thing you will generally want to do is log in to it over a Secure Shell connection to run programs on the instance and control what it is doing. In our discussion of keypairs, we demonstrated how to create the public and private key pair credentials you will need to authenticate yourself to your instances, but there is an extra step required before you can log in. You must configure your network security firewall settings to allow network connections to reach your instances.

Network security in EC2 is managed using security groups. Security groups are collections of rules that describe exactly what kind of incoming network connections the EC2 environment should permit to reach your instances. Any network traffic sent to an EC2 instance that is not explicitly allowed by a security group rule will be discarded before it ever reaches the instance. There are two classes of access rules you can apply: rules that permit network traffic from other EC2 instances inside Amazon’s AWS network and rules that permit traffic from outside, such as from computers on the Internet.
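The default-deny behaviour and the two classes of rules described above can be modelled in a few lines. This is an added Python example, not code from the book and not the EC2 API; the `Rule` class, the function names, and the sample groups and addresses are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    protocol: str                       # "tcp", "udp" or "icmp"
    from_port: int
    to_port: int
    cidr: Optional[str] = None          # traffic from outside, by address range
    source_group: Optional[str] = None  # traffic from instances in a named group

def permits(rules, protocol, port, src_ip=None, src_group=None):
    """Return True only if some rule explicitly allows the connection."""
    for r in rules:
        if r.protocol != protocol or not (r.from_port <= port <= r.to_port):
            continue
        if r.cidr and src_ip:
            if ipaddress.ip_address(src_ip) in ipaddress.ip_network(r.cidr):
                return True
        if r.source_group and r.source_group == src_group:
            return True
    return False  # no matching rule: the traffic is discarded

def world_open(rules, port=22):
    """Audit helper: rules that expose `port` to every Internet address."""
    return [r for r in rules
            if r.cidr and ipaddress.ip_network(r.cidr).prefixlen == 0
            and r.from_port <= port <= r.to_port]

# Constructed sample groups (documentation address ranges, not real hosts).
WEAK = [Rule("tcp", 22, 22, cidr="0.0.0.0/0")]            # SSH from anywhere
HARDENED = [
    Rule("tcp", 22, 22, cidr="203.0.113.0/24"),           # SSH from one network
    Rule("tcp", 3306, 3306, source_group="web"),          # DB port from "web" group only
]

if __name__ == "__main__":
    for name, group in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, "world-open SSH rules:", world_open(group))
    print(permits(HARDENED, "tcp", 22, src_ip="203.0.113.10"))   # inside allowed range
    print(permits(HARDENED, "tcp", 22, src_ip="198.51.100.7"))   # outside: discarded
    print(permits(HARDENED, "tcp", 3306, src_group="web"))       # peer instance in group
```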

To get an instance up and running without delay, we will save a full discussion of the EC2 service’s network security capabilities and API for later in this chapter, in the “Security Groups” section. For now, let us concentrate on configuring the security group rules you will need to interact with the instances you launch.

When your EC2 account was created, ...

ISBN: 9780596515812