Skip to main content


Security group inbound traffic should not allow inbound traffic from all


Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. Best practices recommend that no security group allows unrestricted ingress access to prevent any unauthorized access.


  1. Log in to the AWS Management Console.
  2. Select Services.
  3. Select EC2.
  4. From the left panel, select Security Groups.
  5. Select the security group to edit.
  6. Select Edit inbound rules.
  7. For each rule, restrict access to only the appropriate port or port range and IP address range.
  8. Select Save rules.