En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Can AWS Network Firewall allow traffic from an instance using its tags or some other metadata

0

Can AWS Network Firewall allow traffic from an instance using its tags or some other metadata? Use case: We have an instance in the same subnets as the other instances. We want that instance to access a smaller list of allowed targets (outbound internet domains or only allow that instance to access a target and not the other instances within the same subnets

Sujets
Sécurité, identité et conformitéRéseaux et diffusion de contenu
Balises
Pare-feu réseau AWSRéseaux et diffusion de contenu
Langue
English
AWS-User-2903916
demandé il y a 2 ans435 vues
1 réponse
3
Réponse acceptée

AWS Firewall does not currently support using tags or other metadata. These are your available rule groups that you can create https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups.html.

In addition AWS firewall can't inspect instances within the same subnet https://aws.amazon.com/blogs/aws/inspect-subnet-to-subnet-traffic-with-amazon-vpc-more-specific-routing/

Here are some good deployment models for AWS Firewall https://aws.amazon.com/blogs/networking-and-content-delivery/deployment-models-for-aws-network-firewall-with-vpc-routing-enhancements/

AWS
AJ_C
répondu il y a 2 ans
profile pictureAWS
EXPERT
Brettski-AWS
vérifié il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents