AWS > Compute > Amazon Elastic Compute Cloud (EC2):
Notes:
1. All inbound traffic is blocked by default.
2. All outbound traffic is allowed.
3. Changes to Security Groups take effect immediately.
4. You can have any number of EC2 instances within a security group.
5. You can have multiple security groups attached to an EC2 instance.
6. Security Groups are STATEFUL.
6A. If you create an inbound rule allowing traffic in, that traffic is automatically allowed back out again.
7. You cannot block specific IP addresses using Security Groups; instead, use Network Access Control Lists (NACLs).
8. You can specify allow rules, but not deny rules.
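Added example (not from the AWS documentation or the course referenced below): a simplified Python model of notes 1, 5, 6, 7 and 8. The function, class and rule-tuple names are assumptions for illustration, the addresses are constructed documentation ranges, and the NACL's ordered first-match evaluation is AWS behaviour that the notes do not spell out.

```python
from ipaddress import ip_address, ip_network

def matches(cidr, lo, hi, ip, port):
    return ip_address(ip) in ip_network(cidr) and lo <= port <= hi

def sg_allows(groups, ip, port):
    # Rules from every attached group are pooled; each rule can only allow.
    # No match in any group means the implicit default: blocked.
    return any(matches(*rule, ip, port) for g in groups for rule in g)

def nacl_allows(entries, ip, port):
    # Entries are evaluated in ascending rule number; the first match decides.
    for _num, action, cidr, lo, hi in sorted(entries):
        if matches(cidr, lo, hi, ip, port):
            return action == "allow"
    return False  # implicit deny if nothing matches

class Instance:
    def __init__(self, inbound_groups, outbound_groups):
        self.inbound_groups = inbound_groups
        self.outbound_groups = outbound_groups
        self.tracked = set()  # flows admitted inbound (connection tracking)

    def receive(self, src_ip, src_port, dst_port):
        ok = sg_allows(self.inbound_groups, src_ip, dst_port)
        if ok:
            self.tracked.add((src_ip, src_port, dst_port))
        return ok

    def respond(self, peer_ip, peer_port, local_port):
        # Stateful: a reply on a tracked flow leaves even with no outbound rule.
        if (peer_ip, peer_port, local_port) in self.tracked:
            return True
        return sg_allows(self.outbound_groups, peer_ip, peer_port)

# Constructed sample data (documentation address ranges, not real hosts).
WEB_SG = [("0.0.0.0/0", 443, 443)]        # HTTPS from anywhere
ADMIN_SG = [("203.0.113.0/24", 22, 22)]   # SSH from one admin range
SUBNET_NACL = [(90, "deny", "198.51.100.7/32", 0, 65535),
               (100, "allow", "0.0.0.0/0", 0, 65535)]
```

With both groups attached, `198.51.100.7` still reaches port 443 because no security group rule can subtract it from `0.0.0.0/0`; only the lower-numbered NACL deny entry blocks it.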
Reference:
1. AWS Documentation - Amazon EC2 Security Groups for Linux Instances:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
2. Udemy - AWS Solutions Architect - Associate:
https://www.udemy.com/aws-certified-solutions-architect-associate/
First published / Last updated: 2019.03.16 / 2020.06.08