I imagine you security guys reading this are probably thinking, “Yeah the ability to deploy virtual servers that autoscale and distribute load based on our needs is great and all, but what about security?”. Well don’t you worry we have Security Groups. They are essentially a firewall to your EC2 instance and you can have multiple instances attached to one security group and vice versa. You assign rules by IP and other security groups. By default all inbound traffic going through is blocked, and all outbound coming from EC2 through the Security Group is allowed. You can configure your rules accordingly based on your needs. What is interesting is that you can actually configure rules based on existing Security Groups, not just IPs. So you could place a group of virtual machines in Security Group 1 for example, and you have a machine in Security Group 2 that you want to be able to have machines in Group 1 connect to. Well you can allow traffic from Security Group 1 as a rule in Security Group 2 instead of using IPs. This can allow you to simply configure Security Groups to rely on and reference one another instead of using IPs which could change. A good rule of thumb is if your EC2 instance times out, it is most likely an issue with your security group and that should be investigated.