Just a little add-on: you can reference a Security Group in another account (provided there is a properly set cross account communication via VPC peering for example, of course) prefixing the account ID followed by a slash to the SG id itself:
Maybe it's a 4th way or just a variant on the 2nd one :)
That's an excellent point @E Gabrielli. Being able to reference like that is another very helpful way of allowing access.
Is method two applicable for VPC's connected via TGW?
@PK might be helpful to take a look here: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html You wouldn't be able to reference them across the attachments
I used method 3 but it will hit the Security Group limitation?
- create a prefix list including 21 IPs
- create a security group including 2 rules by reference that prefix list but I got the ERROR:
Creating security group Create 2 inbound rules The maximum number of rules per security group has been reached.
- EXPERTpublished 2 months ago
- EXPERTpublished 5 months ago
- EXPERTpublished 4 months ago
- How do I resolve the error "CannotPullContainerError: You have reached your pull rate limit" in Amazon ECS?AWS OFFICIALUpdated 6 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a month ago
- How can I resolve the error "You have exceeded the allowed number of AWS accounts." for AWS Organizations?AWS OFFICIALUpdated 7 months ago