A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. For each security group, you add rules that control the inbound traffic to instances, and a separate set of rules that control the outbound traffic.
At a minimum, the following security groups are recommended when deploying AppDynamics in AWS using Aurora DB.
Recommended security groups are included in the AppDynamics CloudFormation template. However, you can create the following or additional security groups to align with your organization's standards.
Required Security Groups
The following security groups should be created, using the instructions provided in the AWS documentation.
Security Group Name
|appd-elb-security-group||Security group for the AppDynamics Enterprise Console||Allow all inbound TCP traffic on ports 22 and 9191|
Allow outbound TCP traffic to appd-appserver-security-group on port 22
Allow outbound TCP traffic to appd-db-security-group on port 3388
|appd-appserver-security-group||Security group for the AppDynamics Controller Appserver|
Allow all inbound TCP traffic on port 22
Allow inbound TCP traffic on ports 8090-8097 from appd-elb-security-group
|Allow outbound TCP traffic to appd-db-security-group on port 3388|
|appd-db-security-group||Security group for AppDynamics database instances||Allow inbound traffic on port 3388 from appd-appserver-security-group and appd-elb-security-group||No outbound access allowed|
|appd-elb-security-group||Security group for load balancer in front of the AppDynamics Controller||Allow all inbound HTTPS traffic on port 443||Allow outbound TCP traffic to appd-appserver-security-group on ports 8090-8097|