Reputation: 21
Block outbound traffic on EC2
Is ther a way to configure EC2 Security Groups so that they do not allow specific types of outbound connectivity (such as making HTTP requests to the public internet)?
Upvotes: 2
Views: 1718
Answers (2)
Reputation: 8494
Security Groups only let you specify allow rules.
To achieve what you're after you would remove the default All traffic/All protocols/All ports/0.0.0.0/0 rule.
This will effectively stop all outbound connections.
If you encounter issues with connectivity after this, add rules to explicitly allow what's needed.
Upvotes: 0
Reputation: 4392
I don't believe so, no. You may have better luck on ServerFault, though.
AFAIK, EC2 security groups are only for accessing the server (eg, keypairs); any internal connectivity would probably have to be regulated through iptables.
Upvotes: 1
Related Questions
- How to deny all outbound traffic from an AWS EC2 Instance using a Security Group?
- Restrict AWS EC2 outbound traffic with a security group
- Adding inbound rules to aws ec2 instance
- Temporary deny outbound traffic in AWS
- How to Block Access to EC2 Instance Public IP Address?
- How do I block calls to a specific endpoint in EC2?
- How to restrict EC2 to access to intranet
- Use a Web Application Firewall (WAF) with an EC2 instance
- AWS - Locking down ports
- How do I lock down outbound firewall access to AWS S3