1回答
- 新しい順
- 投票が多い順
- コメントが多い順
1
Hello,
I don't have the answer for ElastiCache and EFS, however for RDS you don't need to allow any outbound connections by default. All the communication the service itself needs to function is done over a different networking path (a separate internal networking interface not impacted by the security group).
Regards
回答済み 2年前
関連するコンテンツ
- AWS公式更新しました 2年前
Thanks for your answer. Since, you mentioned the separate network interface, I hope it's ok to ask an extended question: Does AWS require any specific network ACL inbound/outbound rules to maintain services such as RDS? We would like to adapt the network ACLs to our particular applications running on AWS infrastructure, too. In case we would create a custom network ACL only allowing HTTPS for a specific source/destination IPv4 address, is it still possible that AWS can maintain the managed services? Can AWS then still install updates for RDS or ElastiCache even if the network ACLs do not allow any inbound/outbound connections for that? If not, which protocol, ports and destinations need to be allowed?