How long do modifications to Managed Prefix Lists take to alter access provided via Security Groups?

0

Hi All, I'm a new AWS user, stood up an EC2 instance and provided SSH access to it from my local IP via a security group. As I built out that instance, I added access to additional ports through that security group. If I needed to work remotely, I was either modifying the security group to change the source addresses or adding new rules with the new source address. This has been happening a little too frequently lately, and that's what let me to Managed Prefix Lists. I defined a new list and added an address I had specifically defined via the security group rules and another that I've never defined before. I then removed the SG rules that used the single address and created identical rules using the PL instead. I notice there is a "status" that shows the list creation or modification has been completed.

Attempting to access my EC2 instance however has not been successful from the new source address while the old address has maintained access. My prior experience with SG's has been that they update very quickly, so I would imagine removing the rules specific to the single address to be successful and my continued access to the resource an indication that the PL is installed and functioning. If that's the case, then why have I not been able to access from the new address? All I can think of, aside from not configuring this properly, is that there's some sort of delay, that my original rules are still in effect and the lists are not.

Do you have any ideas on what I might be missing here? I'm solely using the AWS VPC Console to configure this in us-east-1 and us-west-1.

preguntada hace 3 meses134 visualizaciones
1 Respuesta
0

Hello.

I don't think it will be delayed even if the prefix list is set in a security group.
Perhaps the security group settings are incorrect or the IP address of the connection source is incorrect?
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules.html
https://docs.aws.amazon.com/vpc/latest/userguide/working-with-managed-prefix-lists.html

profile picture
EXPERTO
respondido hace 3 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas