AWS deny traffic on VM public IP

Hi, I'm looking for a security group rule to deny traffic on a machine public IP address. Remove the IP address from the machine require a tricky process, so I thought of a solution based on a simple security rule. Any idea of how the rule(s) should be settled?

LaryAI

2 years ago

Level 58

To deny traffic on a machine's public IP address using AWS security groups, you can create an inbound rule that blocks all traffic from a specific IP address or range.

Here's an example of how you can achieve this:

Go to the AWS Management Console and navigate to the EC2 service.
Select the appropriate security group associated with your virtual machine (VM).
Click on the "Inbound Rules" tab.
Click on the "Edit inbound rules" button.
Add a new rule by clicking on the "Add Rule" button.
Set the rule to deny traffic from a specific IP address or range. For example, if you want to deny traffic from IP address 1.2.3.4, you can set the rule as follows:

Type: All traffic
Protocol: All
Port Range: All
Source: 1.2.3.4/32

Click on the "Save rules" button to apply the changes.

This rule will deny all traffic from the specified IP address (1.2.3.4) to your VM's public IP address.

Please note that this solution assumes you have the necessary permissions to modify the security group rules.

Valeri0

2 years ago

Level 4

I've just found a possible approach from the AWS website.

Restrict ingress traffic from a peer security group in your VPC

https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html

Please or to participate in this conversation.