Regarding the purpose of your resources (EC2 instance) - does it have to be accessible via the Internet? Assuming that you have Elastic IP, it looks like you want it to be reachable from outside, correct? If someone has access to your resources (outside of your VPC or your account) that you might not be aware of, this would generate unwanted traffic; they might be accessing your instance from their own resources located in other AWS Regions, which is why you'd see the traffic going to other regions. Since AWS does not have control over what's inside your application / what you actually do on your instances, it's up to you to set up proper access and controls to restrict your resources only to perform their main function.
I'd suggest reviewing your security groups and Network ACLs, to make sure that you're not allowing anyone access to your instance (for example... you certainly shouldn't have the 0.0.0.0/0 rule that would potentially open up access to your instance for anyone on the internet).
The best way to track where the traffic is going or where it's coming from would be using VPC Flow Logs. Though, note that you may be getting charges (CloudWatch logs) for them, too. If you wanted to troubleshoot, you can enable the flow logs for an hour or so, and just see what's going on with the traffic. Then, you'd have a better idea how to restrict access to your instance.
Yes. I have multiple devices accessing my VPN services via the internet. I configured 2 security groups under the Region.
Yes, based on your example "Asia Pacific (Hong Kong) data transfer to Asia Pacific (Singapore)" - this likely corresponds to traffic that your resources in Hong Kong are sending out to other resources located in Singapore region. It could be that your resources are responding to requests coming from those other resources in another region. I can't confirm if 26.245GB volume of traffic is a lot... it really depends on the context. The best way to know the traffic patterns and troubleshoot further is really through VPC Flow Logs.
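As an added example (not part of the original thread), here is one way to summarise VPC Flow Logs once they are enabled: total the bytes the instance sent per destination, and count the inbound connections the security group or NACL rejected. It assumes the default version 2 record format; the sample records, addresses and the `10.0.1.5` private IP are constructed.

```python
from collections import Counter

# Default VPC Flow Logs record layout (version 2), space separated.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()

def parse_record(line):
    """Return a dict for one default-format record, or None if it has no traffic data."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    # NODATA / SKIPDATA records carry "-" in the traffic fields.
    if rec["log_status"] != "OK" or rec["bytes"] == "-":
        return None
    rec["bytes"] = int(rec["bytes"])
    rec["dstport"] = int(rec["dstport"])
    return rec

def outbound_bytes_by_destination(lines, instance_ip):
    """Sum bytes sent from instance_ip (its private address) per destination, accepted flows only."""
    totals = Counter()
    for rec in filter(None, map(parse_record, lines)):
        if rec["srcaddr"] == instance_ip and rec["action"] == "ACCEPT":
            totals[rec["dstaddr"]] += rec["bytes"]
    return totals

def rejected_inbound(lines, instance_ip):
    """Count rejected flows toward instance_ip, keyed by (source address, destination port)."""
    hits = Counter()
    for rec in filter(None, map(parse_record, lines)):
        if rec["dstaddr"] == instance_ip and rec["action"] == "REJECT":
            hits[(rec["srcaddr"], rec["dstport"])] += 1
    return hits

# Constructed sample records (documentation address ranges, made-up ENI and account id).
SAMPLE = """\
2 123456789012 eni-0a1b2c3d 10.0.1.5 203.0.113.10 1194 51000 17 900 1200000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.5 203.0.113.10 1194 51000 17 300 400000 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0a1b2c3d 10.0.1.5 198.51.100.7 1194 40022 17 50 60000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.99 10.0.1.5 44321 22 6 3 180 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000120 1700000180 - NODATA
""".splitlines()

if __name__ == "__main__":
    for dst, total in outbound_bytes_by_destination(SAMPLE, "10.0.1.5").most_common():
        print(f"{dst:>15}  {total:>10} bytes out")
    for (src, port), n in rejected_inbound(SAMPLE, "10.0.1.5").items():
        print(f"rejected: {src} -> port {port} ({n} flow(s))")
```

The destinations with the largest byte totals are the ones to check against the clients you expect, and the rejected list shows what the current rules are already blocking.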