AWS: Creating an security group for access.







Amazon provided Security groups which acts as a firewall for associated instances, controlling both the in and outbound traffic at the instance level. We much add rules to the security group that enables you to connect to our instances from the IP address using for RDP. We can also add rules that allow in/ out bout of HTTP and HTTPS access from anywhere.

Note: If we plan to launch instances in multiple regions we needed to create a security group in each region.

Prerequisites: We need the public IP address of all the local computers from which we want to use this service.
To Create a security group with least privileges.

a). Open the Amazon EC2 console.
b). From the navigation bar, select a region for the security group. Security groups are specific to a region, so you should select the same region in which you created your key pair.



c). Select a region




 d). Click Security Groups in the navigation pane.


e). Click Create Security Group.

f). Enter a name for the new security group and a description. Choose a name that is easy for you to remember, such as your IAM user name, followed by _SG, plus the region name. For example, My_Test_SG. In the VPC list, select your VPC. If you have a default VPC, it's the one that is marked with an asterisk (*).


h). On the Inbound tab, create the following rules (click Add Rule for each new rule), and then click Create:


i) Select HTTPS from the Type list, and make sure that the Source is set to Anywhere (0.0.0.0/0).


j) Click on Outbound Select RDP from the Type list. In the Source box, ensure Custom IP is selected, and specify the public IP address of your computer or network in CIDR notation. To specify an individual IP address in CIDR notation, add the routing prefix /32. For example, if your IP address is 183.82.39.215, specify 183.82.39.215/32. If your company allocates addresses from a range, specify the entire range, such as 183.82.39.215/24.

Note: For security reasons, we don't recommend that you allow RDP access from all IP addresses (0.0.0.0/0) to your instance, except for testing purposes and only for a short time.


Please comment and suggestions are always welcome.

Keywords: AWS Account, IAM, VPC, Security Group, Security Key Pair, Creating New account, Security AWS 

Comments

Post a Comment

Popular posts from this blog

Observium: Configuring Microsoft Windows 2008 Server SNMP Agent

Image
1 . Open Control Pannel. 2. Right click on “ Programs & Features ” and click on “ Turn Windows Features on or off" 3 . Expand “ SNMP Services ” and select “ SNMP Service ” click Next 4. Click Install 5. Close  Programs & Features ” 6. Open Ädministraive Tools and clicket Services 7. Expand Configuration and select Services,  Select SNMP Service , right click and select properties 8 . Select the “ Agent ” tab 9. Type the contact name responsible for this server or email address 10 . Type the location eg, Hyderabad,India. 11 . Tick the following  Physical Datalink and subnetwork  SNMP Trap Service - Agent 12 . Select the “ Traps ” tab 13 . Type in the community string you are using in your environment and select “ Add to list ” 14 . Click “ Add ” 15 . Type the IP of the Observium ServerSNMP Trap Service - Traps 16 . Select “ Security ” tab 17 . Ensure “ Send authentication trap ” is
Read more

AWS: Upgrade PV Drivers on Windows Instances

Image
Amazon Windows AMIs contain a set of drivers to permit access to Xen virtualized hardware. These drivers are used by Amazon EC2 to map instance store and Amazon EBS volumes to their devices. If your Windows instance is launched from a Windows Server 2012 R2 AMI, it uses AWS PV drivers. If your Windows instance uses RedHat drivers, you can upgrade to Citrix drivers. If you are already using Citrix drivers, you can upgrade the Citrix Xen guest agent service. To verify which driver your Windows instance uses , open  Network Connections  in Control Panel and view the  Local Area Connection . Check whether the driver is one of the following: AWS PV Network Device Citrix PV Ethernet Adapter RedHat PV NIC Driver Alternatively, you can check the output from the  pnputil -e  command. AWS PV Drivers Windows Server 2012 R2 AMIs include AWS PV drivers. The AWS PV drivers are stored in the %ProgramFiles%\Amazon\Xentools directory. This directory also contains public symbo
Read more

How to configure Incremental backups for MSSQL Database

Image
Incremental Database Backup : Create a folder for the backup in the Hardisk (Ex: C:\SQL_backup\Incrementail) 1. Open SQL Server Management Studio and connect using windows credentials. 2. Click Management   and select Maintenance Plans . 3. Right-Click on Maintenance Plans and select New Maintenance Plans, Give naming Convention as Incremental_DB_Backup . 4. In Left side of Server Management Studio there will be a Tool Box within Maintenance Plan Tasks   5. Drag and drop the Back Up Database Task and Maintenance Clean Task in the Incremental_DB_Backup   Design area.   6. Right Click on the Back Up Database Task and select Edit .   7. Select the Type of Backup you want to do as Differential 8. Select the Database In Database(s)   in these database list (Ex: TestDB.)   9. Select Create a Backup file for every database , select Create a sub-directory for each database 10. Give the path where we want to store the database backup as C:\SQL_backup\I
Read more