Questions tagged [aws-security-group]

Amazon EC2 Security Groups

A security group acts as a virtual firewall that controls the traffic for one or more EC2 instances. When you launch an instance, you associate one or more security groups with the instance.

See Amazon EC2 Security Groups

820 questions
6 votes, 2 answers

What does Outbound traffic mean for an AWS Security Group assigned to an AWS RDS instance?

Pressing "Launch DB Instance" in the AWS RDS management console is the equivalent of launching a server daemon, if one were to do-it-oneself. The console also has a setting to associate a "Security Group" to the DB Instance. The Security Group…
Calaf
6 votes, 1 answer

What does protocol -1 on AWS security group egress mean?

I understand the egress property on an AWS security group controls the outbound traffic, but does anyone know what the protocol of -1 means? resource "aws_security_group" "elb" { name = "example-elb" ingress { from_port = 80 to_port =…
User314159
6 votes, 1 answer

AWS SSL certificate with Elastic Beanstalk: HTTPS site not reachable

When I associate an AWS certificate with my Elastic Beanstalk app and visit the domain using https, I get 'This site can’t be reached, mydomain.com refused to connect.' I can visit the site using http. I created a security certificate with AWS's…
6 votes, 1 answer

EC2 instance inbound rule not working

I have an Apache server listening on port 10801 (running on Amazon linux EC2 instance). I have updated the inbound rule for the security group with custom TCP rule to allow all traffic to port 10801. The process is listening on port 10801 >> sudo…
broun
6 votes, 1 answer

AWS: Security Group to allow access internet-facing Load balancer to be accessed from private instances

My question is an extended version of this. In my case the security group has to restrict the access to Load Balancer 1. It has to have some white listed IPs. So, which IPs can I put here that can allow access of Load Balancer 1 from Auto Scaling…
5 votes, 5 answers

How can I have a default security group without a VPC?

I saw this today and it seemed odd. In one region I have no VPC, but I apparently have a default security group that can't be deleted because "This is a default security group. Default security groups cannot be deleted." How did this default…
Shawn
5 votes, 2 answers

AWS Redis Security group example

I want to create a security group for AWS Elasticache (Redis). As far as I see, I have 2 options: Either open a Custom TCP connection on port 6379, and define the IP addresses that can reach Redis as a source. Or, what currently works: I open the…
5 votes, 1 answer

Why do we need AWS VPC NAT instances?

AWS beginner here. This question is about AWS VPC NAT instances. As per the docs "You can use a network address translation (NAT) instance in a public subnet in your VPC to enable instances in the private subnet to initiate outbound IPv4 traffic to…
5 votes, 1 answer

What is the CidrIp in Security groups

I am creating a self ingress rule in a security group. I have created a CloudFormation template for the security groups, but I couldn't understand what is the CidrIp that I need to give here: "SelfIngress1": [ { "IpProtocol" :…
user10146200
5 votes, 2 answers

Terraform no matching SecurityGroup found

I am trying to configure my terraform for Dev and QA environments, each of which have their own Security Groups, which I specify with the data tag: data "aws_security_group" "ssh" { name = "SG-SSH" } data "aws_security_group" "postgres" { name…
5 votes, 2 answers

How do I Allow Fargate cluster to access external mongodb database instance

I have built a Fargate cluster which is running my website. The service starts the task for the website properly but stops when it gets to trying to connect to my database instance. MongoError: failed to connect to server [123.456.789.0:27017] on…
5 votes, 1 answer

Can't communicate between two EC2 instances in the same security group via public ip address?

I can't connect to another EC2 instance in the same security group using public ip. If I try to connect using public DNS name and private ip, it is working fine. What I have done so far: created two EC2 public instances attached both instances to…
hkonala
5 votes, 2 answers

AWS reuse IPs in several security groups

I have several IPs and I want to add access from exactly those IPs to some security groups. Is there a way to declare the IPs once and reuse them in security groups instead of declaring those IPs on each security group?
Roy Shmuli
5 votes, 3 answers

Accessing ElasticSearch on EC2 instance from outside the cloud

I am trying to access my ElasticSearch on a running EC2 instance from outside the Cloud. I currently have SSH/HTTP/HTTPS open to the public for inbound traffic as well as all open for outbound traffic. I set up a public IP for my EC2 instance as…
Liondancer
5 votes, 0 answers

Amazon EMR does not add SSH port 22 inbound rule as explained in the documentation?

My understanding of the EMR Managed Security Group Documentation is that on creation of a cluster, an inbound rule to SSH from any IP to Master on port 22 is added. SSH TCP 22 (public subnets only) 0.0.0.0/0 Allows inbound access to the master…
RAbraham