Caterina

Reputation: 987

Which ports are opened by default in the same security group to communicate with instances within it?

Are all ports within the same security group opened by default or should we specify them? Like for example TCP on ports 0-65535 and ICMP IPv4 on all ports?

I ask because I noticed I don't need to specify SSH port 22 within the same security group to be able to access other instances in the same security group, so I wonder if this applies to all protocols and all ports.

This is how it currently looks. The instances within the SG have an IP in the range 172.31.80.0/20. I only allowed SSH from other security groups, not within it.

Upvotes: 0

Views: 752

Answers (1)

Paolo

Reputation: 26084

By default, instances within the same security group can't talk to each other (over any port); there is an exception however for the default security group.

From the documentation:

Instances associated with a security group can't talk to each other unless you add rules allowing the traffic (exception: the default security group has these rules by default).

Upvotes: 1
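
An added example, not part of the answer above and not AWS code: a check over data shaped like `aws ec2 describe-security-groups` output that reports whether members of a group can reach each other on a given TCP/UDP port. It goes one step beyond the answer by also flagging CIDR rules that happen to cover a peer's private IP; the group ids, CIDRs and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# All group ids and CIDRs are made up for illustration.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0default", "GroupName": "default", "IpPermissions": [
        {"IpProtocol": "-1",
         "UserIdGroupPairs": [{"GroupId": "sg-0default"}], "IpRanges": []}]},
    {"GroupId": "sg-0custom", "GroupName": "app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "UserIdGroupPairs": [{"GroupId": "sg-0bastion"}], "IpRanges": []}]},
    {"GroupId": "sg-0cidr", "GroupName": "wide", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "UserIdGroupPairs": [], "IpRanges": [{"CidrIp": "172.31.0.0/16"}]}]},
]}

def _matches(perm, protocol, port):
    """True if the rule covers this TCP/UDP port ("-1" means all traffic).
    ICMP is not handled: its FromPort/ToPort carry type/code, not ports."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != protocol:
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def intra_group_allowed(group, protocol, port, peer_ip=None):
    """Return why members of `group` can reach each other, or None."""
    for perm in group.get("IpPermissions", []):
        if not _matches(perm, protocol, port):
            continue
        # A rule whose source is the group itself (the default group has one).
        pairs = perm.get("UserIdGroupPairs", [])
        if any(p.get("GroupId") == group["GroupId"] for p in pairs):
            return "self-reference"
        # A CIDR rule that covers the peer's private address has the same effect.
        if peer_ip is not None:
            for r in perm.get("IpRanges", []):
                if ipaddress.ip_address(peer_ip) in ipaddress.ip_network(r["CidrIp"]):
                    return "cidr " + r["CidrIp"]
    return None

def audit(doc, protocol, port, peer_ip=None):
    """Map each group id to the reason intra-group traffic is allowed, or None."""
    return {g["GroupId"]: intra_group_allowed(g, protocol, port, peer_ip)
            for g in doc["SecurityGroups"]}

if __name__ == "__main__":
    for gid, reason in audit(SAMPLE, "tcp", 22, peer_ip="172.31.80.10").items():
        print(gid, "->", reason or "no rule allows member-to-member traffic")
```
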
