Questions tagged [security-groups]

175 questions
1 vote, 1 answer

Should AWS Security groups allow internet traffic?

Ok, so I created a default Elastic Beanstalk Application and getting this reported as High Risk, and happens on all Regions that are connected to the VPC Network (which is not a public IP, only the Load Balancer subnets are). AWS Security groups…
Solomon Closson
1 vote, 1 answer

Info about Event logs (Active directory)

Recently 3 of my Active Directory admins are unable to log in to AD server through RDP. After we cross-checked everything, we found these 3 users are added in one security group called "Deny RDP access". After I removed users from this group they are…
1 vote, 2 answers

AWS CloudFormation - can I use Sub inside GetAtt?

I'm trying to reference a security group inside a CloudFormation template. The name of the group is !Sub '${EnvironmentName}-SG-Private', where EnvironmentName is a template parameter. However, the DBInstance AWS type requires the GroupId of the…
1 vote, 1 answer

can't connect to OpenLDAP server in EC2 instance (AWS)

I would like to know if there exist some additional security measures from AWS while connecting to an OpenLDAP server in EC2 Linux instance (Ubuntu 18.04). I need this OpenLDAP server to check if user/password combinations are ok in a Spring app with login…
Takatalvi
1 vote, 1 answer

Firewall: is inbound rule required for getting SYN-ACK from the server while outbound rule already there?

I have a VPC, within which I have an EC2 instance deployed in private subnet. I have my NACL (subnet firewall) ALLOW ALL on inbound and outbound. I have my security group rule (EC2 firewall); it blocks public IP on inbound rule and allows to the…
ram
1 vote, 1 answer

Load balancing for Host network is not working when access within the instance

I have designed this infrastructure. ECS SG: Ingress: 0.0.0.0/0 Egress: 0.0.0.0/0 ECS Cluster ASG SG: Ingress: 0.0.0.0/0 Egress: 0.0.0.0/0 Now when I SSH to instance EC2 No 1. Sometimes I have access to MySQL, sometimes no: ec2-user@EC2No1 $…
0 votes, 1 answer

Active directory group scope - Domain local or Global?

CONTOSO has offices in the UK and in the US. Each country has its own domain, but the domains trust each other. I have created a group in the AD in UK but if the group is set to global I cannot add US users to the group. As soon as I change the…
0 votes, 1 answer

How to export/import local groups with domain user members from/to a Windows server

What is the recommended way of cloning local group memberships (local groups, domain users) from one Windows server to another (script, tool, utility)? Servers are at version 2008 and later. Thanks.
Alek Davis
0 votes, 1 answer

How to manage custom application specific permissions in AD?

We are planning to let our customers of our software configure users and their permissions entirely in Active Directory. Once an AD-user is member of the AD-group "SoftwareXyz" he can log in and use our software. I've seen other software products…
0 votes, 2 answers

Benefits of private VPC with NAT versus public VPC with firewall rules (in AWS)

Imagine you have some EC2 servers which are fronted by a load balancer (ELB). Say they're in a public VPC - i.e. each EC2 instance has a public IP address and each instance is firewalled using Security Groups (SG) so only the ELB has direct access…
John
0 votes, 3 answers

Can't access EC2 instance, but not NLB in other VPC

I've recently started the process of switching from AWS ELB to NLB, and I'm facing some connectivity issues. We have 2 VPCs. In VPC1, both EC2 database servers, old ELB and NLB are located. In VPC2, we have some EC2 servers that connect to the…
0 votes, 0 answers

Attach security groups to multiple EC2 instances

Is it possible to attach a new security group to all the EC2 instances in a specific region and keeping the old ones in place?
Volodymyr Molodets
0 votes, 2 answers

Avoiding security groups in Windows domain with automated filesystem security

As far as I understand, best practices recommend that security groups are used with a Windows domain to assign permissions over files and folders. That is, you should create groups in Active Directory, populate them with users, and then assign…
CesarGon
0 votes, 1 answer

IIS on AWS Windows Server 2016 not serving to external clients

I created an AWS Windows Server 2016 instance and also allocated an elastic IP address to it. Server's running fine and I can RDP into it. I also installed IIS on it and ensured that it is running. Just to be sure, I explicitly enabled ports 80 and…
0 votes, 1 answer

AWS ALB security group allow connection from only my servers

I'm using an internet-facing AWS ALB (Application Load Balancer) with an ECS cluster (Docker), and I want to use it to forward web standard and internal web services traffic. The application load balancer has a listener for 443 port, it's used for the…