Opening an Amazon EC2 security group for ArcGIS Server
Amazon provides security groups that allow you to specify who can connect to your EC2 instances. You must open access for at least remote desktop connections before you can connect to your EC2 instance. Additionally, HTTP access is required to view the Services Directory.
The steps below explain how to open remote desktop and basic HTTP access on a security group. An optional step shows how to allow all instances in your security group access to each other, which is helpful for operations such as file sharing.
You can set these access rules either on the default group or a group that you've previously created.
- Sign in to the AWS Management Console.
- On the Amazon EC2 tab, click Security Groups.
- Check the check box next to the security group you want to modify, then click the Inbound tab to examine the list of allowed connections.
- Use the drop-down lists and text boxes to add RDP as an allowed connection. This opens port 3389. You'll also need to supply a range of IP addresses that are allowed to make this connection, using Classless Inter-Domain Routing (CIDR) notation. For example, 0.0.0.0/0 allows everyone to connect, whereas 92.23.32.51/32 allows one specific IP address to connect.
Click Add Rule to add this allowed connection.
- Repeat the process to add HTTP as an allowed connection. This opens port 80. Optionally, specify a range of IP addresses that are allowed to make this connection, then click Add Rule.
- Optionally, add a rule to allow all EC2 instances within your group full access to each other. To do this, choose All ICMP. Then, in the Source text box, type the Group ID of the security group that you are currently editing (for example sg-xxxxxxxx) and click Add Rule.
If you don't know the ID of your security group, you can switch back to the Details tab to see it, but be aware that this will erase the other rules you've set if you have not yet clicked Apply Rule Changes.
- If you have not yet done so, click Apply Rule Changes. Your rule changes take effect immediately.
See Common security group configurations to learn more about these security rules and when to adjust them.