Security Group

Create a Security Group in AWS with appropriate inbound and outbound rules to allow specific types of traffic between the VPC and the internet, such as SSH, PostgreSQL, and HTTPS. Ensure that access is restricted to specific IP addresses or network ranges, and implement other security measures to protect sensitive data and resources.

  1. Go to the VPC dashboard and select the Security Group option.

  2. Click on the Create Security group button.

  3. Provide a name and description for the security group. For example, name it "datalogz-security-group" and provide a description such as "Allow SSH, PostgreSQL, and HTTPS for Datalogz".

  4. Select the VPC that was created previously in the VPC Deployment section.

  5. In the Inbound Rules section:

    • Add a rule to allow incoming traffic on port 5432 for PostgreSQL, with the source set to 10.0.0.0/24 (the IP address range of the VPC).

    • Add a rule to allow incoming traffic on port 22 for SSH, with the source set to the IP address or IP address range of the developers who will be accessing the EC2 instance.

    • Add a rule to allow incoming traffic on port 443 for HTTPS. Set the source to the IP address(es) of your VPN for a private deployment.

  6. In the Outbound Rules section:

    • Add a rule to allow outgoing traffic on port 443 for HTTPS, with the destination set to anywhere.

    • Add a rule to allow outgoing traffic on port 80 for HTTP, with the destination set to anywhere.

  7. Click on the Create Security group button to create the security group.

These steps will create a security group that allows incoming traffic on ports 22, 5432, and 443, and outgoing traffic on ports 80 and 443. The security group will also restrict incoming traffic to specific sources, such as the IP address range of the VPC and the IP address range of the developers who will be accessing the EC2 instance via SSH.
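To confirm that a group created with these steps still matches them later, the rules can be audited offline. The following is an added example, not part of the original guide: it assumes the group is supplied as a dictionary in the shape returned by `aws ec2 describe-security-groups`, and the developer and VPN addresses in the sample data are constructed.

```python
import ipaddress

VPC_CIDR = ipaddress.ip_network("10.0.0.0/24")   # VPC range from step 5
INBOUND_PORTS = {22, 443, 5432}                  # SSH, HTTPS, PostgreSQL
OUTBOUND_PORTS = {80, 443}                       # HTTP, HTTPS (step 6)

def rules(perms):
    """Yield (low_port, high_port, network) for every CIDR in a permission list."""
    for p in perms:
        # IpProtocol "-1" means all protocols and ports and carries no port fields.
        lo, hi = (0, 65535) if p["IpProtocol"] == "-1" else (p["FromPort"], p["ToPort"])
        cidrs = [r["CidrIp"] for r in p.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in p.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            yield lo, hi, ipaddress.ip_network(cidr, strict=False)

def audit(group):
    """Return a list of findings; an empty list means the group matches the steps."""
    findings = []
    for lo, hi, net in rules(group.get("IpPermissions", [])):
        if lo != hi or lo not in INBOUND_PORTS:
            findings.append(f"inbound {lo}-{hi} from {net}: port not in documented set")
        elif net.prefixlen == 0:
            findings.append(f"inbound {lo} from {net}: open to any address")
        elif lo == 5432 and not (net.version == 4 and net.subnet_of(VPC_CIDR)):
            findings.append(f"inbound 5432 from {net}: source outside {VPC_CIDR}")
    for lo, hi, net in rules(group.get("IpPermissionsEgress", [])):
        if lo != hi or lo not in OUTBOUND_PORTS:
            findings.append(f"outbound {lo}-{hi} to {net}: port not in documented set")
    return findings

def perm(port, cidr):  # one TCP entry in the describe-security-groups shape
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port, "IpRanges": [{"CidrIp": cidr}]}

# Constructed sample data (documentation address ranges, not real hosts).
COMPLIANT = {
    "IpPermissions": [perm(5432, "10.0.0.0/24"), perm(22, "203.0.113.0/24"),
                      perm(443, "198.51.100.10/32")],
    "IpPermissionsEgress": [perm(443, "0.0.0.0/0"), perm(80, "0.0.0.0/0")],
}
DRIFTED = {
    "IpPermissions": [perm(5432, "0.0.0.0/0"), perm(22, "203.0.113.0/24"),
                      perm(5432, "10.0.1.0/24")],
    # The allow-all outbound rule a new security group starts with, left in place.
    "IpPermissionsEgress": [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
}

if __name__ == "__main__":
    print("compliant:", audit(COMPLIANT), "\ndrifted:", audit(DRIFTED))
```

Pass `audit()` one element of the `SecurityGroups` list from the CLI's JSON output to check a live group.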
