I want to allow specific IP addresses access to my Amazon Elastic Compute Cloud (Amazon EC2) instance and block other IP addresses. How do I do this?
Short description
To allow or block specific IP addresses for your EC2 instances, use network access control list (network ACL) rules or security group rules in your VPC. Both act as firewalls that allow or block IP addresses from reaching your resources. Network ACLs control inbound and outbound traffic at the subnet level, so their rules apply to every instance in the associated subnets. Security groups act as a firewall for the Amazon EC2 instances associated with them, controlling both inbound and outbound traffic at the instance level.
Keep in mind that network ACLs are stateless: return traffic is not tracked, so your rules must explicitly allow it (typically on the ephemeral port range). Security groups are stateful: return traffic for a connection that a rule allowed is permitted automatically, regardless of any other rules.
Resolution
For information on how to create a network ACL, add rules, and associate one or more subnets, see Work with network ACLs.
For information on how to modify the default security group, create a new group, add rules, and then associate your security group to one or more instances in your subnet, see Work with security groups.
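The following is an added example, not code from the AWS article: a small model of how the two rule types described above decide on sample traffic (a network ACL with ordered allow/deny rules and no state, beside an allow-only, stateful security group). All CIDRs, ports and rule numbers are constructed for illustration.

```python
"""Added example, not from the AWS article: a small model of how a network
ACL (ordered allow/deny rules, stateless) and a security group (allow-only,
stateful) decide on sample traffic. CIDRs and ports below are constructed."""
import ipaddress
from dataclasses import dataclass, field

@dataclass
class NaclRule:
    number: int           # rules are evaluated in ascending number order
    cidr: str
    ports: tuple          # inclusive (low, high) destination port range
    action: str           # "allow" or "deny"

def nacl_allows(rules, ip, port):
    """Stateless: each packet is judged alone, the first matching rule wins,
    and the implicit final '*' rule denies anything left unmatched."""
    addr = ipaddress.ip_address(ip)
    for r in sorted(rules, key=lambda rule: rule.number):
        if addr in ipaddress.ip_network(r.cidr) and r.ports[0] <= port <= r.ports[1]:
            return r.action == "allow"
    return False

@dataclass
class SecurityGroup:
    inbound: list                          # (cidr, port) allow rules only
    tracked: set = field(default_factory=set)

    def allows_inbound(self, src_ip, dst_port):
        """Allow-only: there is no deny rule, so unlisted sources are dropped."""
        addr = ipaddress.ip_address(src_ip)
        ok = any(addr in ipaddress.ip_network(c) and p == dst_port for c, p in self.inbound)
        if ok:
            self.tracked.add((src_ip, dst_port))   # stateful connection tracking
        return ok

    def allows_return(self, dst_ip, src_port):
        """A reply to a tracked inbound flow is allowed without an outbound rule."""
        return (dst_ip, src_port) in self.tracked

# Constructed subnet ACL: deny one host, allow SSH from everyone else inbound,
# and allow only the ephemeral port range outbound so stateless replies pass.
NACL_IN = [NaclRule(100, "198.51.100.7/32", (0, 65535), "deny"),
           NaclRule(200, "0.0.0.0/0", (22, 22), "allow")]
NACL_OUT = [NaclRule(100, "0.0.0.0/0", (1024, 65535), "allow")]

if __name__ == "__main__":
    sg = SecurityGroup(inbound=[("203.0.113.10/32", 22)])
    print(nacl_allows(NACL_IN, "198.51.100.7", 22))     # False: rule 100 denies first
    print(nacl_allows(NACL_IN, "203.0.113.10", 22))     # True: rule 200 allows
    print(nacl_allows(NACL_OUT, "203.0.113.10", 49152)) # True: reply to ephemeral port
    print(sg.allows_inbound("198.51.100.7", 22))        # False: not in an allow rule
    print(sg.allows_inbound("203.0.113.10", 22), sg.allows_return("203.0.113.10", 22))
```

The same deny that the network ACL expresses with rule 100 has no security group equivalent; a security group blocks a source only by not listing it, which is why the article pairs the two mechanisms.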
Related information
Internetwork traffic privacy in Amazon VPC
Control traffic to subnets using Network ACLs
Control traffic to resources using security groups