Amazon Security Groups for EC2

I was working on the review of my small business IT infrastructure today, which includes our servers at Amazon EC2. As I was looking at my "server role" definitions and the corresponding Amazon EC2 Security Groups, I saw a new blog post come in from Amazon Web Services.

They put together an overview of building three-tier architectures with security groups. I learned a few things while reading, which will hopefully help me better set up my infrastructure. So this was an eye-opener about truly securing your three-tier architecture. I have the web and database server roles, but the application role is a new layer I hadn't considered.

I also have other role-based layers for development (Subversion) and content (FTP). I also have mail-specific SMTP and POP security layers.

I will be upgrading my Amazon EC2 security structures based upon what I've learned today, and include them in my cloud IT infrastructure review strategy.