I have a EC2 machine in public Subnet, In Security group I have only opened 22 port for my public static IP. How safe is it?
As per your comment
if i keep open security group for certain IPs, I am quite unsure whether it is safe or not because there are multiple Hops b/w that IPs and AWS IPs(packet data travels through it). am i correct ? and that application can be accessible from that Hops?
It is absolutely safe to use the ssh port unless there is a vulnerability found in the future in the ssh protocol itself.
Firstly, you are restricting the access only from a static IP so no one else should be able to initiate the ssh session from any other machine.
Secondly, if you have protected your ssh private key and it is not shared then anyone else from the same static IP wouldn't be able to start an ssh connection.
Thirdly, ssh connection creates a secure encrypted data pipe between the client and servers, so even if someone tries to sniff the packets as it passes through different hops, it is hard to make any sense as all the data is encrypted.
Considering all of the above, in my opinion it is quite safe.