2 Answers
1
The /32 CIDR range only allows a single host in the range. VPC CIDR ranges are typically between /16 and /24. If you want all hosts associated with the security group to communicate with each other on all ports and protocols, you will need to expand the CIDR range to match the CIDR of your VPC (i.e. something like 172.31.0.0/16), or you can self-reference the security group id as the source in the rule rather than a CIDR range. See this documentation.
0
/32 means a single IP address. 172.31.0.0/32 won't match any EC2 instance. You have to create a rule for each server. Ex: 172.31.10.5/32 for the first EC2, 172.31.10.6/32 for the second EC2.
answered a year ago
What if I know that all the EC2s will be on the same VPC and will all have private IPs within the range of 172.31.0.0? Is there not a way to specify everything within that range?
Please see my answer below for a link to AWS docs but the short of it is you need the rule CIDR range to match your VPC CIDR. Assuming your VPC is defined as 172.31.0.0/16 this is what your rule should reflect. Or you can self reference the security group and not deal with CIDR ranges at all.
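As an added illustration (example code written here, not from the thread or from AWS): a small model of how an inbound security group rule is matched against a source, showing why 172.31.0.0/32 matches no instance while a per-host /32, the VPC CIDR, or a self-referencing group each behave as the answers describe. The instance private IPs and the group id sg-app are constructed sample data.

```python
import ipaddress

# Constructed sample VPC (172.31.0.0/16): three instances, all members of the
# hypothetical security group "sg-app". Not data from the original thread.
VPC_CIDR = "172.31.0.0/16"
INSTANCES = {
    "i-first":  {"ip": "172.31.10.5", "groups": {"sg-app"}},
    "i-second": {"ip": "172.31.10.6", "groups": {"sg-app"}},
    "i-third":  {"ip": "172.31.20.7", "groups": {"sg-app"}},
}


def rule(protocol="-1", from_port=None, to_port=None, cidr=None, group=None):
    """Inbound rule shaped like an AWS SG rule: protocol "-1" is all traffic;
    the source is either a CIDR block or a security group id (a self-reference
    when it is the id of the group the rule belongs to)."""
    return {"protocol": protocol, "from_port": from_port, "to_port": to_port,
            "cidr": cidr, "group": group}


def rule_matches(r, src_ip, src_groups, protocol, port):
    """True if traffic from src_ip (a member of src_groups) on protocol/port
    is permitted by this single rule."""
    if r["protocol"] != "-1":
        if r["protocol"] != protocol:
            return False
        if not (r["from_port"] <= port <= r["to_port"]):
            return False
    if r["cidr"] is not None:
        # strict=False tolerates host bits set in the prefix, e.g. 172.31.10.5/16
        return ipaddress.ip_address(src_ip) in ipaddress.ip_network(r["cidr"], strict=False)
    # Group-sourced rule: traffic is allowed from any member of the named group.
    return r["group"] in src_groups


def allowed_sources(rules, protocol="tcp", port=443):
    """Instance ids whose traffic at least one of the inbound rules permits."""
    return {iid for iid, inst in INSTANCES.items()
            if any(rule_matches(r, inst["ip"], inst["groups"], protocol, port)
                   for r in rules)}


if __name__ == "__main__":
    # The rule from the question: /32 is one host, and 172.31.0.0 is no instance.
    print(allowed_sources([rule(cidr="172.31.0.0/32")]))
    # One /32 per server, as the second answer suggests.
    print(allowed_sources([rule(cidr="172.31.10.5/32"), rule(cidr="172.31.10.6/32")]))
    # Match the VPC CIDR, or self-reference the group, as the first answer suggests.
    print(allowed_sources([rule(cidr=VPC_CIDR)]))
    print(allowed_sources([rule(group="sg-app")]))
```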