2 個答案
- 最新
- 最多得票
- 最多評論
0
Hello.
Are the IP addresses allowed in the outbound rules of the security group correct?
We would also need to check the protocols that are allowed.
0
I would suggest enabling VPC flow logs and see what is being blocked when you use x.x.x.x/32 https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs-cwl.html#flow-logs-cwl-create-flow-log
已回答 9 個月前
Very helpful! Thank you getting closer now
相關內容
- 已提問 7 個月前
AWS 官方已更新 8 個月前- AWS 官方已更新 2 年前
Evidently not - I turned on flow logs and found the ips that were getting rejected and quickly added them to the outbound rules and that temporarily worked. After a few minutes my requests started to time out again and I'm not sure what caused it - also not sure where I should be finding the ips that were rejected. No host resolving tool returns them..
It may depend on what kind of service you are connecting to, but it may have multiple IP addresses.
Say I wanted to allow https requests to google.com?
If it's google.com it resolves to the multiple IPv4 and IPv6 addresses. You can't expect that it will be always some fixed group of addresses. Some SaaS provide network CIDRs, so you can use them to whitelist, but never heard that Google does it for their google.com site.