Reputation: 1239
I am setting up EMR clusters on demand, and have a Windows EC2 server as a workstation and a Linux EC2 server as a secondary server, all in the same VPC. I would like to avoid having to set security group rules each time an instance comes up with a new IP.
How would I simply allow any traffic to flow freely between all servers in the same VPC?
Thanks!
EDIT - Thanks for the replies. I know this is not good practice in production, but we are dealing with some issues tracking down functionality which we believe is caused by ports. This is just an exploration phase, and this will help us. Thanks!
Upvotes: 3
Views: 8268
Reputation: 1686
To add to the other answers here, if you really want this, you can set it up via the Subnet or VPC IP CIDR Block.
For example, if your VPC is 10.0.0.0/16, then add that to your security groups and all VPC traffic should be able to flow to each other.
Upvotes: 2
Reputation: 440
Allowing any traffic between ALL servers in the VPC is not a good practice. You should rethink your VPC's purpose.
Anyway, if you want a group of servers to communicate with each other, you can create a Security Group and assign it to all the servers that you want.
In the inbound rules, add one rule of type "All TCP"; the source of this rule will be the same Security Group.
If your Security Group ID is 'sg-xxxxxxxx', then the rule will look like this:
All TCP | TCP | 0-65535 | custom | sg-xxxxxxxx
Upvotes: 3
Reputation: 200562
In the security groups, assign incoming access to other security groups by specifying a security group ID instead of IP addresses. In the web console, if you start typing "sg" in the source field it will pop up a list of your security groups to choose from. Using a security group ID as the source allows all resources that belong to that security group to have access.
Alternatively, if you just want one rule that allows access to every resource in your VPC, you would specify your VPC's IP range.
Upvotes: 4
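The rule styles from the answers above, compared in a small model of inbound rule evaluation. This is an added example, not code from any post; the instance IPs, the `sg-other` ID and the "all protocols" self-referencing variant are constructed assumptions, and `to_ip_permission` renders a rule in the `IpPermissions` shape that the EC2 `AuthorizeSecurityGroupIngress` API accepts.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Instance:
    ip: str
    groups: frozenset  # IDs of the security groups attached to the instance

@dataclass(frozen=True)
class Rule:
    protocol: str              # "tcp", "udp" or "-1" (all protocols)
    ports: tuple = (0, 65535)  # inclusive range; ignored when protocol is "-1"
    source_sg: str = None      # admit senders that are members of this group
    source_cidr: str = None    # admit senders whose IP falls in this range

def allowed(rules, src, proto, port):
    """Return True if any inbound rule on the destination admits this flow."""
    for r in rules:
        if r.protocol != "-1" and (r.protocol != proto
                                   or not (r.ports[0] <= port <= r.ports[1])):
            continue
        if r.source_sg and r.source_sg in src.groups:
            return True
        if r.source_cidr and ip_address(src.ip) in ip_network(r.source_cidr):
            return True
    return False

def to_ip_permission(r):
    """Render a Rule as one IpPermissions entry for AuthorizeSecurityGroupIngress."""
    perm = {"IpProtocol": r.protocol}
    if r.protocol != "-1":
        perm["FromPort"], perm["ToPort"] = r.ports
    if r.source_sg:
        perm["UserIdGroupPairs"] = [{"GroupId": r.source_sg}]
    if r.source_cidr:
        perm["IpRanges"] = [{"CidrIp": r.source_cidr}]
    return perm

# Constructed sample data (assumptions, not values from a real account).
SG = "sg-xxxxxxxx"                                     # placeholder ID from the thread
SELF_TCP = Rule("tcp", source_sg=SG)                   # "All TCP" from the same group
SELF_ALL = Rule("-1", source_sg=SG)                    # assumed all-protocol variant
VPC_ALL = Rule("-1", source_cidr="10.0.0.0/16")        # whole-VPC CIDR rule
NEW_NODE = Instance("10.0.3.77", frozenset({SG}))      # fresh EMR node, new IP
STRAY = Instance("10.0.9.9", frozenset({"sg-other"}))  # in the VPC, not in the group

if __name__ == "__main__":
    for name, rule in (("self/tcp", SELF_TCP), ("self/all", SELF_ALL), ("vpc/all", VPC_ALL)):
        print(name, to_ip_permission(rule),
              [allowed([rule], s, p, n) for s in (NEW_NODE, STRAY)
               for p, n in (("tcp", 8088), ("udp", 53))])
```

The group-sourced rules keep working for a new node without knowing its IP, the "All TCP" form still drops UDP between members, and the CIDR form also admits any other host in the VPC.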