A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. Security groups operate at the instance level, not the subnet level. Therefore, each instance in a subnet in your VPC can be assigned to a different set of security groups. Network Access Control Lists (NACLs) operate at the subnet level, so they are not the correct answer. Route tables direct network traffic, but do not control or filter traffic like a firewall. Subnet CIDRs are used for IP address allocation within a VPC and have no filtering capabilities.