Questions tagged with Security Group
Restoring Redshift Cluster from Snapshot fails. You do not have access to node type.
Hello,

We have a Redshift Cluster ds2.xlarge running on us-east-1 that has KMS encryption in place. We're aiming to create a clone of it for testing a node upgrade using the console. To do so, we created a manual snapshot. For the next step, we're selecting the snapshot and "Restore to provisioned cluster". In the configuration screen, we're assigning a new name to the cluster identifier and keeping all other parameters the same. That is:

* **Node type:** ds2.xlarge (all other options grayed out)
* **Number of nodes:** 1 (Only allows 1)
* **Database name & port:** Same as original cluster
* **Cluster Permissions:** Associating same IAM roles as original cluster
* **Additional Configurations:** Using default VPC, subnet and Security Group and Configuration (Same as original cluster)

Upon selecting the above, "Restore cluster from snapshot" throws the following error: `You do not have access to node type ds2.xlarge. Choose another node type`

We're using the same admin account both for KMS and the Redshift Cluster. Wondering if the issue could be using the same VPC, encryption or something else? Thanks
I can not connect to my ec2 instance by ssh, sg port checked
I started my free trial EC2 instance (AMI: amzn2-ami-kernel-5.10-hvm-2.0.20220719.0-x86_64-gp2) and got a public IP address on it. The security group rules expose all ports, both inbound and outbound. But I just cannot connect to it. I received a "Connection failed" message in my local PC SSH client, and I also tried to connect to it using the AWS console "EC2 Instance Connect" option, which failed as well (console message here):

![Enter image description here](https://repost.aws/media/postImages/original/IMj0UiiC_rTjKdk-5IDXxCRQ)

I even stopped this EC2 instance and started a new one with a totally new config like the previous one, but got the same result. Using a port scan tool, I found that port 22 is closed; the question is that my SG rules **definitely** open it (console screenshot here):

![Enter image description here](https://repost.aws/media/postImages/original/IMakXEDNrlSVWg3tsJIkAVVQ)

Finally, I found a Stack Overflow question like my situation; is [this answer](https://stackoverflow.com/a/55234006/19652493) maybe the result? Is my account "isolated"? Is there anyone who could tell me something useful?
EC2 Instance Connect SSH source IP
Hi All, I'm working with my first EC2 instance and I'm going around the details of security groups. The default security group that I have includes an allow all (0.0.0.0/0) inbound SSH (tcp-22) rule. When I establish an SSH connection via the EC2 Instance Connect method (directly from the management console), I see that the source IP is an AWS IP ... a public IP (I checked by doing a `who`). Do you know what this IP is? Is it the CloudShell from my management console? Thanks in advance!
Open port to multiple IPs
I am looking to open a port to an EC2 instance from multiple IPs. Rather than creating a rule for each IP address, are there any other options? I have tried creating a prefix list and added a list of IPs there, but when I try to apply the prefix list in the security group I get an error: The maximum number of rules per security group has been reached.
How to Connect Private RDS PostgreSQL Instance using pgAdmin locally?
![Enter image description here](https://repost.aws/media/postImages/original/IMdXBKQnVzQzS4I4yl9xEFog)

Hello experts,

From the above architecture diagram you can get all the required information. Here are the doubts:

* **My goal is to connect to the RDS PostgreSQL engine from my pgAdmin locally and to build a dashboard using Tableau from that RDS database.**
* My EC2 instance will do the data extraction process and store it into the DB. Now I need to access the database whenever my EC2 instance is turned off, or directly connect to the DB from my pgAdmin locally. However, it should be present in a private subnet.

I will be really thankful for any guidance and help. As I'm a beginner, please help me solve this problem. 🙏🙂🙏
Unable to telnet port 2525
Hello, I've set up an SMTP server on my EC2, t2.micro, Ubuntu, which is running on port 2525. I can SSH into the instance and telnet 2525, and my SMTP server works perfectly. However, I'm unable to telnet this specific port from outside. I've checked the security group and added a rule to allow all inbound, outbound traffic (all traffic) for port 2525. I've checked the Network Access List and that too is default with no restrictions. When I try to telnet port 22, that works, but for 2525, I get: *telnet: Unable to connect to remote host: Connection refused*
problems migrating EC2-Classic to Amazon VPC
I'm in the process of migrating an EC2-Classic instance to Amazon VPC. I have created the VPC and a new AMI. The AMI is running, and passes security checks, but I cannot open any network connections to it at all. I cannot even ping it using IPv4 or IPv6. I set up security group rules based on the rules that I am currently using for the EC2-Classic instance. The only thing I can do is access the console using the EC2 serial console. I cannot log in from there (presumably because the ec2-user account has no password), and there are no indications on the console of any problems (no error messages, etc.). What can I do? Have I missed a step? I followed the directions for the migration sent to me and attempted to recreate the same type of environment I have on the new instance as the previous EC2-Classic instance. Do I need to purchase a support option? (I don't currently have one.)
How to connect On-premise Oracle database from Glue without using Crawler
Hello All, I have some doubts regarding designing a Glue job.

1. Do we always need a catalog and crawler to connect to any database?
2. Can we connect to a database directly, either using spark read or dynamic_frame_from_options, by passing DB details?
3. I was going through https://aws.amazon.com/blogs/big-data/how-to-access-and-analyze-on-premises-data-stores-using-aws-glue/ but in this we are connecting to the database via the catalog. Can't we connect directly?
4. If the answer to 1 and 3 is yes, then do we need to attach a VPC to Glue? If yes, then how? I don't see any option in the console to attach a VPC directly.
5. In the security group, do we need the database IP address mentioned in the outbound rules?
Tracking what is using a security group
Hello, I am still trying to clean up an AWS account, and I need some advice. In AWS - EC2 - Security Groups, I have several critical vulnerabilities, and in lieu of just nixing the issues, as I'm SURE it will blow something up, how do I find what function(s) are using this security group? That way I can chase it back to its roots and see if they can be safely removed, or changed so the security value that is a vulnerability can be removed. THANKS