Security Group

A security group is a stateful virtual firewall that controls traffic to resources.

Updated: 2026-03-05

Definition

A security group controls inbound and outbound traffic rules for resources like instances.

Stateful means return traffic is automatically allowed when a connection is permitted.

Key points

Stateful filtering
Usually attached to instances/resources
Rules are allow-based (no explicit deny in some platforms)

Common mistakes

Opening wide ports to the world for convenience.
Confusing security groups with NACLs (different behavior/scope).

Related exams

AWS Certified Solutions Architect – Associate (SAA-C03)

Free SAA-C03 mini test. Continue in the app for offline packs and detailed explanations.

Related terms

Want to practice this in exam-style questions?

Use the mini tests on each exam page, then continue in the app for offline packs and detailed explanations.