AWS cloud security

Assume the following requirements:

Website traffic from end users renewing their vehicle registrations will enter the architecture on ports 80 (HTTP) and 443 (HTTPS).
App server traffic will be received exclusively from the internal web servers on a range of ports between 25500 and 25700.
The app servers must be able to send responses back to the web servers, and the web servers must be able to respond to the end users.
The question for discussion is: How do you configure the Security Groups to ensure that the entire application flow works per the requirements? Which Security Groups do you edit, and what rules do you create within them? Be specific! And when you respond to your colleagues, make constructive suggestions as to how they could have configured their Security Groups differently or better!
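One way to answer this, as an added example that is not part of the original prompt: model the two Security Groups (a web-tier group and an app-tier group) as data, render them in the `IpPermissions` shape that the EC2 `AuthorizeSecurityGroupIngress` API takes, and check every stated flow against the rules. The web group admits TCP 80 and 443 from 0.0.0.0/0; the app group admits TCP 25500-25700 only when the source is the web group's ID, so nothing outside the web tier can reach it. No "response" rules appear anywhere: Security Groups are stateful, so the reply to a permitted request is allowed automatically, and the default allow-all egress is left in place. The group IDs and the client address are constructed placeholders.

```python
"""Added example: a model of the two-tier Security Group design for the
registration-renewal application, with checks for each required flow.
Group IDs and the client IP are constructed placeholders, not real resources."""
import ipaddress
from dataclasses import dataclass, field

ANYWHERE = "0.0.0.0/0"


@dataclass(frozen=True)
class Rule:
    """One ingress rule. `source` is a CIDR or a security-group ID; a group
    ID means 'any instance that carries that group', not a fixed address."""
    proto: str
    from_port: int
    to_port: int
    source: str


@dataclass
class SecurityGroup:
    group_id: str
    ingress: list[Rule] = field(default_factory=list)

    def to_ip_permissions(self) -> list[dict]:
        """Render the rules in the IpPermissions structure that the EC2
        AuthorizeSecurityGroupIngress API expects."""
        perms = []
        for r in self.ingress:
            p = {"IpProtocol": r.proto, "FromPort": r.from_port, "ToPort": r.to_port}
            if r.source.startswith("sg-"):
                p["UserIdGroupPairs"] = [{"GroupId": r.source}]
            else:
                p["IpRanges"] = [{"CidrIp": r.source}]
            perms.append(p)
        return perms


# Placeholder group IDs (constructed for this example).
WEB_SG = SecurityGroup("sg-0web0placeholder")
APP_SG = SecurityGroup("sg-0app0placeholder")

# Web tier: public HTTP and HTTPS only.
WEB_SG.ingress += [Rule("tcp", 80, 80, ANYWHERE), Rule("tcp", 443, 443, ANYWHERE)]
# App tier: the application port range, and only from instances in the web group.
APP_SG.ingress += [Rule("tcp", 25500, 25700, WEB_SG.group_id)]
# No egress rules are defined: default allow-all egress is kept, and because
# Security Groups are stateful, replies to permitted requests need no rule.


def ingress_allowed(sg: SecurityGroup, proto: str, port: int, source: str) -> bool:
    """True if `sg` has an ingress rule admitting `proto`/`port` from `source`,
    where `source` is an IP address or a security-group ID."""
    for r in sg.ingress:
        if r.proto != proto or not (r.from_port <= port <= r.to_port):
            continue
        if r.source.startswith("sg-"):
            if source == r.source:
                return True
        elif not source.startswith("sg-") and \
                ipaddress.ip_address(source) in ipaddress.ip_network(r.source):
            return True
    return False


def request_and_reply_allowed(sg, proto, port, source) -> tuple[bool, bool]:
    """Stateful semantics: the reply is permitted exactly when the request was."""
    ok = ingress_allowed(sg, proto, port, source)
    return ok, ok


def check_requirements() -> dict[str, bool]:
    """Evaluate each stated requirement plus the implicit one: the app tier
    must not be reachable from the internet or outside its port range."""
    client = "203.0.113.10"  # constructed end-user address (TEST-NET-3 range)
    return {
        "web_http_from_internet": ingress_allowed(WEB_SG, "tcp", 80, client),
        "web_https_from_internet": ingress_allowed(WEB_SG, "tcp", 443, client),
        "app_from_web_tier": ingress_allowed(APP_SG, "tcp", 25600, WEB_SG.group_id),
        "app_replies_to_web": request_and_reply_allowed(APP_SG, "tcp", 25600, WEB_SG.group_id)[1],
        "web_replies_to_user": request_and_reply_allowed(WEB_SG, "tcp", 443, client)[1],
        "app_closed_to_internet": not ingress_allowed(APP_SG, "tcp", 25600, client),
        "app_closed_below_range": not ingress_allowed(APP_SG, "tcp", 25499, WEB_SG.group_id),
    }


if __name__ == "__main__":
    for name, ok in check_requirements().items():
        print(f"{name:26s} {'PASS' if ok else 'FAIL'}")
    print(APP_SG.to_ip_permissions())
```

The design point worth raising with colleagues is the app group's source: referencing the web group's ID rather than the web subnet's CIDR means a new web instance is admitted the moment it is launched with that group, and any instance that is not in the web group is refused even if it sits in the same subnet. Where a load balancer fronts the web servers, the 0.0.0.0/0 rules belong on the load balancer's group and the web group should reference that group instead.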