Inbound and outbound rules in AWS - Cheat Sheet & Quick Revision

Recall & Review
beginner
What are inbound rules in AWS security groups?
Inbound rules control the incoming traffic allowed to reach your resources, like servers or databases.
beginner
What do outbound rules in AWS security groups do?
Outbound rules control the outgoing traffic that your resources can send out to the internet or other resources.
intermediate
Why is it important to configure both inbound and outbound rules?
Configuring both ensures your resources only accept and send traffic you want, improving security and controlling access.
beginner
If you want to allow web traffic to a server, which inbound rule would you add?
Add an inbound rule allowing TCP traffic on port 80 (HTTP) or 443 (HTTPS) from the internet or trusted sources.
intermediate
What happens if you do not set any outbound rules in a security group?
By default, all outbound traffic is allowed, so your resources can send data out to the internet or other resources.
What does an inbound rule in an AWS security group control?
A. Outgoing traffic from your resource
B. Incoming traffic to your resource
C. Traffic between AWS regions
D. Traffic inside your local computer
Which port is commonly opened in inbound rules to allow web traffic?
A. 80
B. 22
C. 3306
D. 25
What is the default behavior of outbound rules in a new AWS security group?
A. Only HTTP traffic is allowed outbound
B. No outbound traffic is allowed
C. Only SSH traffic is allowed outbound
D. All outbound traffic is allowed
If you want your server to send emails, which rule should you configure?
A. Inbound rule for port 25
B. Inbound rule for port 443
C. Outbound rule for port 25
D. Outbound rule for port 80
Why should you limit inbound rules to specific IP addresses?
A. To improve security by restricting access
B. To increase server storage
C. To allow all users to connect
D. To reduce internet speed
Explain the difference between inbound and outbound rules in AWS security groups.
Think about traffic coming to and leaving your server.
Describe a scenario where you would modify inbound and outbound rules for a web server.
Consider what traffic a web server needs to receive and send.

      Practice

      1. What do inbound rules in a security group control in AWS?
      easy
      A. Both incoming and outgoing traffic
      B. Outgoing traffic from your resources
      C. Incoming traffic to your resources
      D. Traffic between AWS regions

      Solution

      1. Step 1: Understand inbound rules purpose

        Inbound rules specify what incoming network traffic is allowed to reach your AWS resources.
      2. Step 2: Differentiate inbound from outbound

        Outbound rules control outgoing traffic, so inbound rules only affect incoming connections.
      3. Final Answer:

        Incoming traffic to your resources -> Option C
      4. Quick Check:

        Inbound = Incoming traffic [OK]
      Hint: Inbound means incoming traffic allowed [OK]
      Common Mistakes:
      • Confusing inbound with outbound rules
      • Thinking inbound controls outgoing traffic
      • Assuming inbound controls both directions
      2. Which of the following is the correct way to allow HTTP traffic inbound on port 80 in an AWS security group?
      easy
      A. Allow TCP traffic on port 80 inbound
      B. Allow TCP traffic on port 22 inbound
      C. Allow UDP traffic on port 80 outbound
      D. Allow ICMP traffic inbound

      Solution

      1. Step 1: Identify HTTP port and protocol

        HTTP uses TCP protocol on port 80.
      2. Step 2: Match rule to allow inbound HTTP

        Allowing TCP traffic on port 80 inbound correctly permits HTTP requests.
      3. Final Answer:

        Allow TCP traffic on port 80 inbound -> Option A
      4. Quick Check:

        HTTP = TCP port 80 inbound [OK]
      Hint: HTTP uses TCP port 80 inbound [OK]
      Common Mistakes:
      • Using wrong port number for HTTP
      • Allowing outbound instead of inbound
      • Using UDP instead of TCP for HTTP
      3. Given this security group outbound rule: Allow all traffic (all protocols) to 0.0.0.0/0, what is the effect?
      medium
      A. Allows outbound traffic only on port 443
      B. Blocks all outbound traffic
      C. Allows inbound traffic from any IP
      D. Allows all outbound traffic to any IP

      Solution

      1. Step 1: Analyze the outbound rule details

        The rule allows all protocols and all ports outbound to any IP address (0.0.0.0/0 means anywhere).
      2. Step 2: Understand outbound traffic effect

        This means any outbound traffic from the resource is allowed to any destination.
      3. Final Answer:

        Allows all outbound traffic to any IP -> Option D
      4. Quick Check:

        Outbound all traffic to 0.0.0.0/0 = Allow all outbound [OK]
      Hint: 0.0.0.0/0 means anywhere, all protocols means all traffic [OK]
      Common Mistakes:
      • Confusing inbound and outbound rules
      • Thinking it blocks traffic
      • Assuming it restricts ports
      4. You created an inbound rule allowing TCP port 22 from 0.0.0.0/0 but cannot SSH into your EC2 instance. What is a likely cause?
      medium
      A. Security group is not attached to the instance
      B. Inbound rule uses UDP instead of TCP
      C. Port 22 is closed on the instance's OS firewall
      D. Outbound rules block all traffic

      Solution

      1. Step 1: Check security group attachment

        Even if rules are correct, if the security group is not attached to the instance, rules won't apply.
      2. Step 2: Consider other causes

        Outbound rules usually allow return traffic by default; OS firewall or protocol mismatch would cause different symptoms.
      3. Final Answer:

        Security group is not attached to the instance -> Option A
      4. Quick Check:

        Security group must be attached to instance [OK]
      Hint: Check if security group is attached to instance [OK]
      Common Mistakes:
      • Ignoring security group attachment
      • Assuming outbound rules block SSH
      • Not checking OS firewall settings
      5. You want to allow your web server to receive HTTP requests from anywhere but restrict outbound traffic to only HTTPS (port 443). Which inbound and outbound rules should you configure?
      hard
      A. Inbound: Allow UDP port 80 from 0.0.0.0/0; Outbound: Allow TCP port 443 to 0.0.0.0/0
      B. Inbound: Allow TCP port 80 from 0.0.0.0/0; Outbound: Allow TCP port 443 to 0.0.0.0/0
      C. Inbound: Allow TCP port 443 from 0.0.0.0/0; Outbound: Allow TCP port 80 to 0.0.0.0/0
      D. Inbound: Allow TCP port 80 from 192.168.0.0/24; Outbound: Allow all traffic to 0.0.0.0/0

      Solution

      1. Step 1: Set inbound rule for HTTP

        Allow TCP port 80 inbound from anywhere (0.0.0.0/0) to receive HTTP requests.
      2. Step 2: Set outbound rule for HTTPS only

        Allow TCP port 443 outbound to anywhere to restrict outgoing traffic to HTTPS.
      3. Final Answer:

        Inbound: Allow TCP port 80 from 0.0.0.0/0; Outbound: Allow TCP port 443 to 0.0.0.0/0 -> Option B
      4. Quick Check:

        Inbound HTTP, outbound HTTPS only [OK]
      Hint: Inbound HTTP port 80, outbound HTTPS port 443 [OK]
      Common Mistakes:
      • Mixing up inbound and outbound ports
      • Using UDP instead of TCP for HTTP
      • Restricting inbound to private IPs only