Aug 2017

|

When creating an EC2 Instance manually, we will always be assigned one default security group. A security group is like a set of firewall rules. By default an EC2 instance will not accept any incoming IP traffic, so we need to start to add rules to our security group to allow this.

Below is an example of some security groups. Remember, the default security group “launch-wizard-1” is automatically created when you manually create an EC2 Instance.


I believe the security group can be referenced in the Terraform script by either it's group name or its group ID.

Below we can see the contents of the security group launch-wizard-1.


By default, only the SSH rule is added, I added the two HTTP rules as my EC2 Instance is a web server, and without port 80 it's pretty useless.

In the script, my security group setting will be:

security_groups= ["launch-wizard-1"]

This Terraform script does not create a security group, you have to manually create the security group, The Terraform Script simply points to an existing Security Group (or Security Groups).