AWS Security Groups are virtual firewalls for controlling traffic to and from Amazon EC2 instances. They act as a set of rules that allow you to control both inbound and outbound traffic.

Inbound rules determine what traffic is allowed to reach your instances, while outbound rules determine what traffic is allowed to leave your instances.

You can specify which protocols and ports to allow or deny, as well as the source or destination IP addresses or subnet.

This allows you to control which hosts and services can access your instances, and which of your instances can access other services.