Reputation: 2300
AWS Security Group rules: How does ssh connection to EC2 still works when I have removed outbound rules
Here is my security group, inbound and outbound rules for the EC2 instance in AWS.
My understanding was that if I block every outbound traffic i will not be able to able to ssh into the system even if the inbound connection is allowed.
I did go through many documentation on it and did not really understand how the system is sending back data to ssh connection when the outbound rules are not allowing it.
Does this mean, a web server will still work without any outbound rules, provided ports for inbound, let's say 80, 443 are opened ?
Upvotes: 0
Views: 891
Answers (1)
Reputation: 10175
The SSH connection is still working because security groups are stateful which means that if a connection/traffic can get inside, it can go outside. NACLs on the other hand are stateless which means that the challenge/test happens on entry and exit of traffic.
Upvotes: 2
Related Questions
- Outbound rules in a security group
- Inbound rules for security groups
- For SSH EC2 connection should there be outbound rule specified?
- How Is Port Forwarding Working on AWS without Security Group Rules?
- AWS Security group : source of inbound rule same as security group name?
- EC2 Security Group inbound rule not working as expected
- How the http connection works when only outbound ports are open?
- Fail to SSH AWS EC2 even when security group allows all traffic
- Changes to inbound rules are not updating to instance
- In AWS EC2, what does a security group with no inbound rules mean?