A security group acts as a virtual firewall for your instance to control incoming and outgoing traffic. Inbound rules control the incoming traffic to your instance, and outbound rules control the outgoing traffic from your instance [ref].
You can easily configure security group of your instance via EC2 Dashboard.
Select an instance, then look at
Description tab, click the link like example below to navigate to security group
Click the Security group ID link like example below to see detail inbound and outbond traffic of your instance
When you launch an instance and don’t configure the security group, the default rules will look like this
To edit rules of inbound or outbound traffic, click
Edit button like example below
In the example above, I added new rules HTTP (port 80), HTTPS (port 443) and Custom TCP (port 3000) to inbound rules.
The following inbound rules allow HTTP and HTTPS access from any IP address. This is for setup my instance to be a web server, so I can access like this:
Then I added custom TCP (port 3000), so I can access web server like this:
The custom TCP above is not for production, I use this to test Node.js application running on Port 3000.
Save new added rules by click orange button