While configuring security groups in AWS, a few parameters are to be selected, like
Type, Protocol, Port range, Source
What exactly does Port range mean? Does it represent the port where the client process runs or the port of the AWS resource?
CodePudding user response:
Does it represent the port where the client process runs or the port of the AWS resource?
It represents ingress or egress ports (e.g. 22-80) that are allowed through or out of your SG. Your application or instance may not use these ports at all.
The example range 22-80 for ingress would mean that incoming traffic on ports from 22 to 80 is allowed to pass through the SG. Your instance may not listen to these ports at all. From the SG's perspective it does not matter.
Obviously it's a bad security practice to open more ingress ports than your instance actually uses. So if you only want to access your instance through port 22 (ssh) and 80 (http), then only allow these two particular ports, not the entire range.
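
An added example, not part of the original answer: a small audit that compares the 22-80 ingress range with two single-port rules for 22 and 80. The rule dictionaries follow the IpPermissions shape returned by EC2 DescribeSecurityGroups; the rule data, the CIDR and the names exposed_ports, audit, NEEDED, WIDE and TIGHT are constructed for illustration.

```python
# Added example. Rule shape follows EC2 DescribeSecurityGroups "IpPermissions";
# all rule data below is constructed sample input.

def exposed_ports(permission):
    """Return the destination (instance-side) ports an ingress rule admits."""
    proto = permission["IpProtocol"]
    if proto == "-1":                   # "-1" = all protocols, all ports
        return range(0, 65536)
    if proto not in ("tcp", "udp"):     # for ICMP the fields hold type/code, not ports
        return range(0)
    return range(permission["FromPort"], permission["ToPort"] + 1)

def audit(permissions, needed_ports):
    """List rules that admit traffic to ports the instance does not need."""
    findings = []
    for perm in permissions:
        ports = exposed_ports(perm)
        extra = [p for p in ports if p not in needed_ports]
        if extra:
            findings.append({
                "protocol": perm["IpProtocol"],
                "range": (ports.start, ports.stop - 1),
                "unneeded_count": len(extra),
                "sources": [r["CidrIp"] for r in perm.get("IpRanges", [])],
            })
    return findings

NEEDED = {22, 80}   # ports the instance is meant to be reached on (ssh, http)

# One rule with Port range 22-80: everything in between is allowed through too.
WIDE = [{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 80,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}]}]

# Two rules, one port each: only 22 and 80 pass the SG.
TIGHT = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
]

if __name__ == "__main__":
    for name, rules in (("22-80 range", WIDE), ("22 and 80 only", TIGHT)):
        print(name, "->", audit(rules, NEEDED) or "no unneeded ports")
```

The port range is always matched against the port on the instance side of an ingress rule; the client's own source port plays no part in the check.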