To create new security group go to "Services" - "VPC" in the main menu. Then select "Security Groups" link in the "Security" section. As soon as you click on the button "Create Security Group", you will see the following window
After new security group is created, select it and copy it's ID to the clipboard. At the bottom of the page you will see information about your new security group. Go to the "Inbound Rules" and add new rules to it
Here is explanatio why do we need this inbound rules
- SSH (22) - enables ability login to any vm via ssh protocol
- HTTP (80) - our website-a and website-b will be available through this port to the outside world
- All Trafic - with this rule we allow any traffic inside of our subnetwork, so that vms can talk to each other
You can leave outbound rules as is
