Security Groups and SSH keys

Security Groups (The Firewall):

Think of a security group like a bouncer at a club who checks IDs. It controls what traffic can reach your EC2 instance and what traffic can leave it. For example:

• Want to allow SSH access (so you can connect to your instance)? You set a rule to allow traffic on port 22
• Need to host a website? Allow traffic on port 80 (HTTP) or 443 (HTTPS)
• By default, nothing is allowed in (inbound rules) - you have to explicitly permit it
• All traffic is allowed out (outbound rules) by default

SSH Keys (Your Digital Key):

Just like you need a physical key to enter your house, you need a digital key to connect securely to your EC2 instance. 

Windows: https://www.purdue.edu/science/scienceit/ssh-keys-windows.html

Linux/macOS: open the terminal and type "ssh-keygen -t ed25519", follow the prompts and it will tell you where it saved the keys.

The file ending in .pub is the publickey, and the other one is the private key.