I'm wondering if I can create a Security Group that limits access of the internal network. As I know, all ports are open for the internal network and I want to limit it.
EC2 security groups only affect incoming communications and do not prevent a server from initiating outbound communications.
The only exception to this rule is Amazon Virtual Private Cloud (VPC) security groups. So if you want to do this you will have to set up your servers in a VPC.
You could always set your firewall to drop all outbound packets (make sure you allow SSH/RDP) at the OS level, using the Windows Firewall or iptables in Linux.
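One way to do the iptables variant of the suggestion above, as an added example that is not part of the original answer. It assumes SSH is the admin channel on the given port and that inbound filtering stays with the security group; the function name and the `apply` argument are made up for this sketch.

```shell
#!/bin/sh
# Added example: host-level egress lockdown in iptables-restore format.
# Assumptions (not from the original post): SSH is the admin channel, it
# listens on the port passed in, and inbound filtering is left to the
# security group, so INPUT stays ACCEPT here.

# Print a filter-table ruleset that drops all outbound traffic except
# loopback and reply packets of inbound SSH sessions.
egress_ruleset() {
    port="${1:-22}"
    case "$port" in
        # Reject empty, non-numeric, or more than five digits.
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp --sport $port -m conntrack --ctstate ESTABLISHED -j ACCEPT
-A OUTPUT -m limit --limit 5/min -j LOG --log-prefix "egress-drop: "
COMMIT
EOF
}

# "apply" loads the ruleset (root required). iptables-restore replaces the
# whole filter table in one atomic step, so the DROP policy never takes
# effect before the SSH rule exists; --test parses it first without committing.
if [ "${1:-}" = "apply" ]; then
    egress_ruleset "${2:-22}" | iptables-restore --test &&
    egress_ruleset "${2:-22}" | iptables-restore
fi
```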