The Amazon EC2 service allows you to add and remove instances dynamically for the purpose of scalability. However, the above mentioned scalability need and auto addition of the instances can cause issues for firewall configuration and maintenance, which traditionally rely on IP addresses, subnet ranges or DNS host names as the basis for the firewall rules.
The Amazon EC2 provides a firewall to assign to the EC2 instances. The AWS EC2 firewall is configured through the user-defined groups. When new instances are launched or additional instances are added or removed, the appropriate rules are enforced. Similarly, if the user changes a rule for a group, the changes are automatically applied to all the members of the group.
The present guide demonstrates how to manage a security group.