Which AWS service or feature provides this functionality?

Explanations:

AWS WAF (Web Application Firewall) is primarily used for protecting web applications from common web exploits. It operates at the application layer and is not designed for managing security rules specific to EC2 instances.

Network ACLs (Access Control Lists) provide a layer of security for a VPC and control inbound and outbound traffic at the subnet level. They are not specific to individual EC2 instances but rather apply to all instances within the associated subnet.

Amazon VPC (Virtual Private Cloud) allows users to create a virtual network in the AWS cloud. While VPC is essential for network management, it does not specifically apply security rules to individual EC2 instances.

Security groups act as virtual firewalls for EC2 instances, controlling inbound and outbound traffic at the instance level. Each instance can be associated with one or more security groups, allowing precise security rules to be applied based on the specific needs of each instance.