Reputation: 7867
I have node1 and node2 in security group sg1, and node3 and node4 in security group sg2. I want incoming traffic for node3 and node4 to come only on port 9600 and from sg1, so I provide the source security group as sg1 while creating sg2. Now I want node3 and node4 to communicate on port 9700. Do I need to open port 9700 or not, as both these nodes belong to the same security group? Also, if I need to open port 9700, then I can't provide the source security group as sg2 (because I would be creating sg2 at this moment).
How do I tackle this situation?
Upvotes: 0
Views: 194
Reputation: 13501
Yes, you need to open the port even if they belong to the same security group, adding the group itself as a source.
You could create the groups and add the rules later, thus providing the source security group as sg2, which already exists.
Upvotes: 1
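The order of operations described in the answer above, as an added example that is not part of the original post: both groups are created with no rules, then the 9600 rule (source sg1) and the self-referencing 9700 rule (source sg2) are attached to sg2. It assumes the AWS CLI is installed and configured; the `VPC_ID` variable, the group descriptions and the helper function names are hypothetical.

```shell
#!/bin/sh
# Added example: create the security groups first, attach the rules afterwards,
# so that sg2 already exists when it is named as its own source.
# Helper names, descriptions and VPC_ID are assumptions, not from the post.

# create_sg <name> <vpc-id>  -> prints the ID of the new (rule-less) group
create_sg() {
  aws ec2 create-security-group \
    --group-name "$1" --description "$1 nodes" --vpc-id "$2" \
    --query GroupId --output text
}

# allow_tcp_from_group <target-sg-id> <port> <source-sg-id>
# Only members of the source group may reach the target group on that port.
allow_tcp_from_group() {
  aws ec2 authorize-security-group-ingress \
    --group-id "$1" --protocol tcp --port "$2" --source-group "$3" >/dev/null
}

# setup_groups <vpc-id>  -> prints "<sg1-id> <sg2-id>"
setup_groups() (
  vpc="$1"
  # Step 1: create both groups; neither has any inbound rule yet.
  sg1=$(create_sg sg1 "$vpc") || exit 1
  sg2=$(create_sg sg2 "$vpc") || exit 1
  # Step 2: node1/node2 (sg1) may reach node3/node4 (sg2) on 9600.
  allow_tcp_from_group "$sg2" 9600 "$sg1" || exit 1
  # Step 3: node3 and node4 may reach each other on 9700. Membership in the
  # same group opens nothing by itself; sg2 must be listed as its own source.
  allow_tcp_from_group "$sg2" 9700 "$sg2" || exit 1
  echo "$sg1 $sg2"
)

# Run only when a VPC ID is supplied, e.g.  VPC_ID=<your-vpc-id> sh setup.sh
if [ -n "${VPC_ID:-}" ]; then
  setup_groups "$VPC_ID"
fi
```

Because the rules name security groups rather than CIDR ranges, instances added to sg1 or sg2 later are covered without editing the rules.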