Note: The above image shows an EC2 server selected in the AWS console, and in the description a link to the security group that is attached. Clicking that link takes you to the security group.
After you configure and deploy your new aMi STACX stack, don't forget to restrict access to the SSH port. That's the reminder the AWS console EC2 deployment shows when you launch an EC2 with SSH set to 0.0.0.0/0; that it's open to the world.
A simple basic way to resolve this in two simple steps:
1. Type in your browser search [We use Google]; "What is my IP address"
2. Copy the result into the AWS security Group that is responsible for the EC2 sever, and specifically the SSH port. Simply click edit, paste, and add append a "/"at the end so that AWS presents an automatic CIDR format for the IP address.
Keep in perspective this only works for static IP addresses. Should require dynamic IP restriction, or complex access via groups, then we'd recommend you check out Dome9 to handle your AWS security groups.
In the simplest form, AWS security groups allow a little peace of mind.