Set up Security Group

Next, we will create a Security group.

1. Access the Security group

   • Search for the Security group.
   • Click Security group.

   

   • Select the Create security group.

   

2. In the Create security group interface, under Basic details

   • Under Security group name, set the name as : ForensicsSG.
   • Make sure to set the VPC to (VPC-AutomatedIncidentResponeWorkshop) as shown below.

   

3. In the Create security group interface, under Inbound rules and Outbound rules

   • Under the Inbound rules, add new Inbound rules and set as below.
   • RDP TCP 3389 Source (your IP) Description(optional) : RDP for IR team.
   • SSH TCP 22 Source (your IP) Description(optional) : SSH for IR team.
   • Remove all of the Outbound rules as below.

   

   • Click Create security group.

4. Policy created successfully:

   

After Security group creation is complete, copy the Security group ID and go to the next step Create an IAM user for Testing