AWS Edit Firewall Rules

1 minute read

Description:

Editing Security Groups in AWS hardly deserves it’s own post, but wanted to include it because this is something you will be doing often as an Admin. The main thing to note here is that AWS has a hidden block all rule at the end so whatever you don’t open - doesn’t get through.

To Resolve:

  1. Go to https://account.activedirectory.windowsazure.com/r#/applications

  2. Pick account with correct access (assuming your organization has single sign on with AWS)

  3. Type ec2

  4. Go to Security Groups

  5. Click on your group and edit your Inbound rule

  6. Click save, should take effect immediately

Common Setups:

  1. For Windows VMs:
    • Allow 3389 from your organizations public IP space only - we restrict this further by only allowing a specific subnet that can only be reached behind VPN with two factor authentication.
    • Allow ICMP - Version 4 from your organizations public IP space only - we restrict this further by only allowing a specific subnet that can only be reached behind VPN with two factor authentication.
  2. For Linux VMs:
    • Allow 22 from your organizations public IP space only - we restrict this further by only allowing a specific subnet that can only be reached behind VPN with two factor authentication.
    • Allow ICMP - Version 4 from your organizations public IP space only - we restrict this further by only allowing a specific subnet that can only be reached behind VPN with two factor authentication.
  3. For other ports, see my Common Ports post.

Categories:

Updated:

-----------------------------------------------------------
Spotted a mistake in this article? Why not suggest an edit!
-----------------------------------------------------------

Comments