For example, I have a main company AWS account with security group-xxxxx. Now I have my personal AWS account with security group-yyyyy. The accounts are not related at all. Can I add/accept group-yyyyy into group-xxxxx, thereby allowing my personal instances to access the company's instances?
You can add an existing Security group to another Security group (also known as nested groups), creating a member group (subgroup) and a parent group.
AWS Security Groups can't be nested; they can contain only users, not other groups. An AWS Security Group has no default group that automatically includes all users in the AWS account. If you want to have a group like that, you need to create it and assign each new user to it.
Single security groups can be applied to multiple instances, in the same way that you can apply a traditional security policy to multiple firewalls.
When you create a VPC, it comes with a default security group. You can create additional security groups for each VPC. You can associate a security group only with resources in the VPC for which it is created. For each security group, you add rules that control the traffic based on protocols and port numbers.
You can use the web UI to add
other-aws-account-id/account-security-group-id
i.e.
951413000000/sg-deadbeef
as the source.
For people looking for a solution for this question now, it is possible for security groups to be referenced across accounts if their VPCs are peered. It's a new feature from AWS! Cheers
Link to article
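Added example, not code from anyone in this thread: the `account-id/sg-id` source shown above, expressed as the `IpPermissions` structure that `aws ec2 authorize-security-group-ingress` and boto3 accept, plus an audit pass over `describe-security-groups` output that lists every ingress rule trusting a group from another account. The local account `111111111111` and group `sg-0a1b2c3d` are constructed values; the rule only takes effect once the two VPCs are peered, as the last answer notes.

```python
import re

ACCOUNT_RE = re.compile(r"^\d{12}$")
# Security group ids are "sg-" followed by 8 (legacy) or 17 hex characters.
SG_RE = re.compile(r"^sg-[0-9a-f]{8}(?:[0-9a-f]{9})?$")


def cross_account_ingress(source, port, protocol="tcp"):
    """Translate the console form 'account-id/sg-id' into the IpPermissions
    list passed to authorize-security-group-ingress (CLI --ip-permissions
    or boto3 IpPermissions=...). Rejects malformed ids before any API call."""
    account_id, _, group_id = source.partition("/")
    if not ACCOUNT_RE.match(account_id) or not SG_RE.match(group_id):
        raise ValueError(f"expected '<12-digit account>/<sg-id>', got {source!r}")
    return [{
        "IpProtocol": protocol,
        "FromPort": port,
        "ToPort": port,
        "UserIdGroupPairs": [{"UserId": account_id, "GroupId": group_id}],
    }]


def foreign_group_references(describe_output, own_account_id):
    """Audit helper: return (local sg, port, foreign account, foreign sg) for
    every ingress rule whose source group belongs to a different account.
    Input is the dict returned by `aws ec2 describe-security-groups`."""
    hits = []
    for sg in describe_output.get("SecurityGroups", []):
        for perm in sg.get("IpPermissions", []):
            for pair in perm.get("UserIdGroupPairs", []):
                if pair.get("UserId") != own_account_id:
                    hits.append((sg["GroupId"], perm.get("FromPort"),
                                 pair["UserId"], pair["GroupId"]))
    return hits


# Constructed sample shaped like describe-security-groups output: one rule
# trusts a group in the same account, one trusts 951413000000/sg-deadbeef.
SAMPLE = {"SecurityGroups": [{
    "GroupId": "sg-0a1b2c3d",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "UserIdGroupPairs": [{"UserId": "111111111111", "GroupId": "sg-0a1b2c3d"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "UserIdGroupPairs": [{"UserId": "951413000000", "GroupId": "sg-deadbeef"}]},
    ],
}]}

if __name__ == "__main__":
    print(cross_account_ingress("951413000000/sg-deadbeef", 22))
    print(foreign_group_references(SAMPLE, "111111111111"))
```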