Network ports explanation

Hi guys,

I was wondering the following things about the networking setup of Rancher with the nodes.

I have single-node Rancher 2.0 installation and 3 cluster nodes on AWS EC2 with the Cloud Provider specified.

This is the security group that Rancher creates and assigns to the nodes:

Are ports 6443 and 2376 needed to be opened to the world or I can restrict it ? For example adding only the public ip of the Rancher server or the nodes need to be able to communicate each other too ?
I am not really confident opening ports to the world as you can imagine. Could you please be so kind to give me a tip with this guys ?

I have read the page but still I dont find it clear :frowning:

Thank you very much in advance :slight_smile: