When an ENI is created at least one security group has to be attached to it and it's the same for EC2 instances. why do we have to mention securing a group in both of them separately when it works the same?
what happens if you attach a security group to an instance and attach an existing ENI to that instance with a different security group as its primary ENI? will that ENI be modified after it's detached from the instance?
what will happen if an instance with multiple ENI uses diffrent security groups?
CodePudding user response:
Is attaching security group to an ENI same as attaching security group to an instance?
Yes. In fact you don't attach a SG to an instance technically, but to ENI associated with the instance.
Also what will happen if an instance with multiple ENI uses diffrent security groups?
Yes. Each ENI can have its own set of SGs.