Questions tagged [aws-security-group]

Amazon EC2 Security Groups

Amazon EC2 security groups. A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance.

See Amazon EC2 Security Groups

820 questions
3 votes, 1 answer

AWS EC2: does Network Load Balancer have security groups?

In the doc: https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-update-security-groups.html It says the following when editing the security group of load balancers: Update the associated security groups You can update…
3 votes, 1 answer

Outbound rules in a security group

Scenario1: I created an Inbound HTTP rule for all traffic. I then created an outbound rule for HTTP only for a specific IP (Not mine). I was still able to see the http content. So does this mean that outbound rule will have no impact if inbound rule…
Fawad Shah
3 votes, 1 answer

AWS Permissions to allow a specific user to Modify a specific Security Group

I've been trying to implement a new policy on AWS to allow a specific user to manage a specific Security Group. I used to have this working but it stopped working a couple weeks ago and now no matter what I try I cannot get it to work again. Does…
3 votes, 1 answer

Connect to AWS RDS database via psycopg2

I am trying to connect to my RDS database from my computer with a python script using psycopg2. python code: import psycopg2 from db_credentials import * import logging def get_psql_conn(): conn = psycopg2.connect(dbname=DB_NAME, user=DB_USER,…
3 votes, 1 answer

AWS ELB causing net::ERR_CERT_COMMON_NAME_INVALID error

Currently getting the net::ERR_CERT_COMMON_NAME_INVALID when trying to access my application through the ALB. This is my current setup: SSL Certificate created that covers example.com & *.example.com using AWS Certificate Manager. 2 server ec2…
3 votes, 1 answer

How to increase IPs/Ports Security in AWS Security Groups and Network ACL?

I have the following AWS Architecture: The lambdas can be triggered by API Gateway, SNS, or SQS. I tried to close as much as possible the IPs and Ports of the Security Groups and ACL of Lambda and RDS Infrastructure. The SG and NACL of the RDS are…
3 votes, 2 answers

Amazon EMR - missing ingress rule from EmrManagedMasterSecurityGroup on port 9443

I am trying to get my head around this, but cannot figure it out why I have an EMR cluster to be deployed in AWS Private Subnet. I checked the documentation here. From the above I understood the following: a. For my EMR custom security group, I DO…
ha9u63a7
3 votes, 1 answer

Lambda security group deletion hanging and can't be deleted in AWS console

I used Terraform to create a security group and lambda, I changed the security name and wanted to apply terraform again, Terraform is trying to delete the old security group and create the one with the new name. But the logs show me that it's been…
3 votes, 1 answer

Why creating EKS cluster auto-creates security groups I already have in place

I am trying to create an EKS cluster via CloudFormation. I have read all the EKS Security Group guidelines by Amazon and already put in place my security groups as I want clearer more tidy naming and also to be able to define the intricacies between…
3 votes, 2 answers

Why does EMR in private subnet need full outbound internet access

AWS documentation on below link asks to allow full outbound internet access on EMR master security group for the cluster which is in private…
3 votes, 1 answer

AWS EC2 Instance - Connection timed out BUT SG exists

I created an AWS EC2 instance where my EC2 instance is in the correct VPC and subnet. Below are some evidences (Sec Group, Inbound, outbound, NACL, Route tables respectively) N.B. NACLs have everything open for now. But I do accept that it needs to…
ha9u63a7
3 votes, 3 answers

AWS EMR terminated with validation error - security group error

When we try to launch AWS EMR in Mumbai region, it gets terminated in 5-6 seconds with the following validation error. "Terminated with errors The EC2 Security Groups [sg-XXXXXXXXXX] contain one or more ingress rules to ports other than [22] which…
3 votes, 3 answers

Terraform AWS EKS security group issue

I am deploying AWS EKS Cluster using a terraform script. Everything is deploying fine. But I am stuck in an issue with the security group. I have added two ports to allow ingress traffic to my application URL. But the issue is that, after complete…
3 votes, 2 answers

Terraform - Authorizing Security Groups Between VPC Peering Connection

I am running on AWS and I have VPC-A and VPC-B. I have a VPC peering between the two VPCs. I want to allow traffic from SecurityGroupB which is in VPC-B to SecurityGroupA in VPC-A. Up until now I did it with the ruby client with the following call …
3 votes, 1 answer

how to create an ingress rule with the source being an sg in boto3

I am trying to create a security group in AWS using boto3, in which the source of the traffic is coming from an existing security group. This is how I am doing it: res = client.authorize_security_group_ingress( GroupId=sg_id, <---- sg…