         | Did this page help you? Yes No Tell us about it... |
DB Security Groups
Amazon RDS allows you to control access to your DB Instances using DB Security Groups. A DB Security Group acts like a firewall controlling network access to your DB Instance. By default, network access is turned off to your DB Instances. If you want your applications to access your DB Instance you can allow access from specific EC2 security groups or IP ranges. Once ingress is configured, the same rules apply to all DB Instances associated with that DBSecurityGroup.
![[Important]](http://docs.amazonwebservices.com/docs-common/images/important.png) | Important |
|---|---|
Please ensure you authorize only specific IP ranges or EC2 security groups. We highly discourage authorizing broad IP ranges (for example, 0.0.0.0/0). |
Note that you cannot use Amazon RDS DB Security Groups to restrict access to your Amazon EC2 instances. Similarly, you cannot apply an Amazon EC2 security group to your Amazon RDS DB Instance.
For more information on working with DB Security Groups, go to Working with DB Security Groups.
