AWS Outpost Rack Network Requirements Clarification - "Outpost Region's public routes"

We are considering deploying an AWS outpost rack at one of our sites in the western United States. I know the ports that I need to have opened on our firewalls, but I need clarification regarding the AWS regional IP ranges for our firewall policies.

The Outpost connectivity guide just states "Outpost Region's public routes" - from the AWS IP Address JSON database, which "Service" would this be? There are 19 possible services for the region:

"amazon, route53_resolver, api_gateway, cloud9, ec2_instance_connect, codebuild, amazon_connect, cloudfront, ebs, s3, amazon_appflow, workspaces_gateways, kinesis_video_streams, route53_healthchecks, ec2, globalaccelerator, route53_healthchecks_publishing, dynamodb, chime_voiceconnector."

Our cyber security team is already cringing at the ports that have to be allowed, so the fewer remote IP address ranges I specify, the more likely we are to not end up with a half million dollar paperweight due to security restrictions!

asked a year ago, 560 views
1 Answer
It would be the EC2 Public IP range(s)

The link below also shows how to filter the JSON file to get the latest list for a specific region:

https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html

AWS EXPERT, answered a year ago
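
An added example, not part of the answer above or of the AWS documentation: it filters a document in the `ip-ranges.json` layout down to the EC2 prefixes of one region and merges adjacent prefixes so the firewall policy carries as few remote ranges as possible. The region `us-west-2` is an assumption (the question only says "western United States"), and the embedded prefixes are constructed documentation-range values, not real AWS ranges.

```python
import ipaddress
import json

# Constructed sample in the layout of ip-ranges.json (documentation-range
# addresses, not real AWS prefixes). In practice, load the downloaded file.
SAMPLE = json.loads("""
{
  "syncToken": "0000000000",
  "createDate": "2000-01-01-00-00-00",
  "prefixes": [
    {"ip_prefix": "198.51.100.0/25", "region": "us-west-2", "service": "EC2", "network_border_group": "us-west-2"},
    {"ip_prefix": "198.51.100.128/25", "region": "us-west-2", "service": "EC2", "network_border_group": "us-west-2"},
    {"ip_prefix": "198.51.100.0/24", "region": "us-west-2", "service": "AMAZON", "network_border_group": "us-west-2"},
    {"ip_prefix": "203.0.113.0/24", "region": "us-west-2", "service": "S3", "network_border_group": "us-west-2"},
    {"ip_prefix": "192.0.2.0/24", "region": "us-east-1", "service": "EC2", "network_border_group": "us-east-1"}
  ],
  "ipv6_prefixes": [
    {"ipv6_prefix": "2001:db8:1000::/40", "region": "us-west-2", "service": "EC2", "network_border_group": "us-west-2"}
  ]
}
""")

def allowlist(doc, region, service="EC2"):
    """Return (sync_token, ipv4_cidrs, ipv6_cidrs) for one region and service."""
    def pick(entries, key):
        nets = [ipaddress.ip_network(e[key]) for e in entries
                if e["region"] == region and e["service"] == service]
        # Merge adjacent or overlapping prefixes so the firewall gets fewer rules.
        return [str(n) for n in ipaddress.collapse_addresses(nets)]
    return (doc["syncToken"],
            pick(doc.get("prefixes", []), "ip_prefix"),
            pick(doc.get("ipv6_prefixes", []), "ipv6_prefix"))

def needs_update(doc, last_applied_token):
    """The published file changes over time; regenerate rules when syncToken differs."""
    return doc["syncToken"] != last_applied_token

if __name__ == "__main__":
    token, v4, v6 = allowlist(SAMPLE, "us-west-2")  # region is an assumption
    print("syncToken", token)
    for cidr in v4 + v6:
        print("permit", cidr)
```

Storing the `syncToken` alongside the applied rules lets a scheduled job detect when the published ranges have changed and the firewall policy needs to be regenerated.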