Inspect EC2 instances and associated security groups from the command line, then summarize network exposure findings.
Understand how to review basic compute inventory and firewall-style access controls in AWS.
Confirm that you are operating in the intended AWS account and region.
Run aws sts get-caller-identity
Run aws configure list
Confirm region and account
List instances and inspect basic metadata.
Run aws ec2 describe-instances
Identify instance states
Capture instance IDs and names
Inspect inbound and outbound rules to understand exposure.
Run aws ec2 describe-security-groups
Find groups attached to selected instances
Summarize open ports and risks
Verify AWS identity and region.
Describe EC2 instances.
Describe security groups.
Map groups to instance usage.
Write a short exposure summary.
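An added example, not part of the original lab, that automates the "map groups to instance usage" and "exposure summary" steps: it joins describe-instances output to describe-security-groups output and lists every rule open to 0.0.0.0/0 or ::/0, ingress and egress alike. The JSON is constructed sample data (real input would be the two commands saved with --output json), and the names open_rules and exposure_summary are chosen here for illustration.

```python
import json

# Constructed sample data, shaped like the JSON printed by
# `aws ec2 describe-instances` and `aws ec2 describe-security-groups`.
INSTANCES = json.loads("""{"Reservations": [{"Instances": [
 {"InstanceId": "i-0aaa1111", "State": {"Name": "running"},
  "Tags": [{"Key": "Name", "Value": "web-1"}], "SecurityGroups": [{"GroupId": "sg-0web"}]},
 {"InstanceId": "i-0bbb2222", "State": {"Name": "stopped"},
  "SecurityGroups": [{"GroupId": "sg-0db"}]}]}]}""")
GROUPS = json.loads("""{"SecurityGroups": [
 {"GroupId": "sg-0web", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
   {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
    "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}],
  "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
 {"GroupId": "sg-0db", "IpPermissions": [
   {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432, "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}],
  "IpPermissionsEgress": []}]}""")
WORLD = {"0.0.0.0/0", "::/0"}  # "any address" in IPv4 and IPv6

def open_rules(perms):
    """Return sorted 'proto/ports' strings for rules open to any address."""
    found = set()
    for p in perms:
        cidrs = {r["CidrIp"] for r in p.get("IpRanges", [])}
        cidrs |= {r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])}
        if not cidrs & WORLD:
            continue
        lo, hi = p.get("FromPort"), p.get("ToPort")
        ports = str(lo) if lo == hi else f"{lo}-{hi}"
        # IpProtocol "-1" means every protocol and every port
        found.add("all/all" if p["IpProtocol"] == "-1" else f"{p['IpProtocol']}/{ports}")
    return sorted(found)

def exposure_summary(instances, groups):
    """Join each instance to its attached groups and list world-open rules."""
    by_id = {g["GroupId"]: g for g in groups["SecurityGroups"]}
    rows = []
    for res in instances["Reservations"]:
        for inst in res["Instances"]:
            attached = [by_id[g["GroupId"]] for g in inst["SecurityGroups"] if g["GroupId"] in by_id]
            name = next((t["Value"] for t in inst.get("Tags", []) if t["Key"] == "Name"), "")
            rows.append({"id": inst["InstanceId"], "name": name, "state": inst["State"]["Name"],
                "open_ingress": open_rules([p for g in attached for p in g["IpPermissions"]]),
                "open_egress": open_rules([p for g in attached for p in g["IpPermissionsEgress"]])})
    return rows

if __name__ == "__main__":
    for row in exposure_summary(INSTANCES, GROUPS):
        print(row)
```

Rules that grant access by referencing another security group or a prefix list are not evaluated here, so an empty open_ingress list means "nothing open to every address", not "nothing reachable".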
Instance inventory is captured clearly
Security group rules are reviewed successfully
Open ports and access patterns are documented
README explains findings and risk considerations
EC2 and security group review notes
CLI output proof
README with findings summary
Shows that you can inspect AWS networking basics from the CLI and reason about instance exposure in a structured way.
Reviewing the wrong region
Ignoring egress rules completely
Looking at group names without reading actual rules
Skipping identity verification first
Compare dev vs prod exposure
Automate rule review with scripts
Add IAM and tagging audit
Connect to Terraform-managed infrastructure