Questions tagged [aws-security-group]

Amazon EC2 Security Groups

Amazon EC2 Security Groups for EC2. A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance.

See Amazon EC2 Security Groups

820 questions

Can't whitelist a cross-account source security group id in Terraform security group rule

I have a central AWS account that I am running some AMI builds in with Packer. I have a secondary account where I also need to run builds in on occasion but I can only afford to keep my CI/CD servers running in one account. That being said, I am…

How to configure security groups to connect Laravel Vapor to AWS RDS

I have an AWS RDS that is correctly set up to allow inbound traffic on port 3306 from an ELB that load balances two EC2 instances. This is all working as it should, and has been for some time. I'm now deploying a new application to a Laravel Vapor…

Determine Who Removed the Security Group which was Attached to EC2 machine in AWS

Problem Statement: I have an EC2 machine that is running, and today I found that someone removed one of the Security Groups attached to the EC2 machine. I wanted to know how we can check who removed the security group from the EC2 machine. Solution Tried…

How to modify the Active Directory security group rules in Terraform?

My goal is to make the active directory security group ingress rules more restrictive. I'm having trouble deleting or modifying the ingress rules that terraform automatically gives this security group. Using Terraform to set up an active directory…

Pass Terraform Output from One Module to Another

I am having trouble passing the output of one module into another module in Terraform. In my main.tf, I am creating a security group. I want to pass the id of this security group to the vpc_security_group_ids of my EC2 instance creation. Here is my…

AWS CLI adding inbound rules to a security group

I have written an AWS script that scans all security groups that have a specific tag associated with them. It then modifies the IP address of the specified inbound rule, or adds the new inbound rule if it doesn't exist. You pass 3 parameters to it, tag…

How do Prefix lists factor into the permission entry limit in Security Groups?

I have added 7 inbound rules, 5 of them are with "Managed prefix list" that has 2 entries, those entries are public IPs with /32 CIDR block, so I am not able to add more inbound rules with "pl" as the max count gets reached, but how the figure "52"…

What is 'Custom TCP' in AWS security group?

When I set an inbound rule in a security group for an AWS EC2 like this: So source type says that only traffic from my computer is to be allowed and only port 8080 in the EC2 instance is to be made accessible. What does the 'Type' field here mean when I…

How to regex-match a comma delimited list containing AWS Security Group IDs?

How can I match a comma delimited list which could be either empty or AWS Security Group Ids e.g. sg-qwe12345,sg-543234aewrfs,sg-12eqwrwer,sg-gjkkh12435? I tried (^$|sg-[0-9a-z]+\,|sg-[0-9a-z]+)(?

Terraform wants to replace EC2 instances when I simply want to add a rule to a security group

I have an ec2 instance defined in terraform along with some security rules. These are the security rules: resource "aws_security_group" "ec2_web" { name = "${var.project_name}_${var.env}_ec2_web" description = "ec2 instances that serve to…

How to access a public IP enabled instance from another instance where only a private IP is available

I have two instances in AWS where we have a public IP and a private IP for one instance and the other instance has only a private IP. Both are in the same VPC and same subnet. However, I'm not able to access/ping the public IP from instance 2. I can…

How to create module for security group in terraform

I have this resource to make security groups and have several entry rules. These files are inside the "security-group" folder because I have to create a module for it. Main.tf resource "aws_security_group" "main" { name = var.sg_name …

How to whitelist a large list of IP addresses on AWS EC2 instances?

I have a large list of IPs (>100) that need to be whitelisted for both inbound and outbound communication on EC2 instances. Is there a way to whitelist them collectively? (The IPs also don't belong to a range and are discontinuous). We are currently…

AWS Network Load Balancer healthchecks not behaving as expected

I have an issue where the Network Load Balancer healthcheck is showing targets as unhealthy. The targets are AWS Fargate instances. The healthcheck port and application port are both 8080. Everything works perfectly if I place the ECS Fargate cluster…

ALB Timeout when Using Lambda to serve S3-hosted React app through an ALB without cloudfront

I'm trying to access a React app using an AWS Application Load Balancer (internet facing) whose files are hosted in s3 through a lambda. The basic idea is that when the user visits the ALB DNS name (e.g., https://albdnsname or http://albdnsname) the…