How Can I Use Security Groups to Prevent VPN Access to Some ECSs in a VPC to Implement Security Isolation?
You can configure security groups to allow access only to specific CIDR blocks or ECSs in a VPC through a VPN.
Configuration example: Prevent the customer subnet 192.168.1.0/24 from accessing ECSs in the VPC subnet 10.1.0.0/24.
Procedure:
- Create security groups 1 and 2.
- Configure security group 1 to deny access from subnet 192.168.1.0/24.
- Configure security group 2 to permit access from subnet 192.168.1.0/24.
- Associate ECSs in subnet 10.1.0.0/24 with security group 1 and associate other ECSs in the VPC with security group 2.
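One way to check that the ECS-to-group associations match the procedure above, as an added example that is not part of the original page. The group names, the rule format and the ECS inventory are constructed for illustration and are not a cloud API format.

```python
import ipaddress

CUSTOMER = ipaddress.ip_network("192.168.1.0/24")  # customer subnet behind the VPN
PROTECTED = ipaddress.ip_network("10.1.0.0/24")    # VPC subnet to isolate

# Constructed model of each group's inbound rules (illustrative, not an API format).
GROUPS = {
    "sg-1": [{"action": "deny", "source": "192.168.1.0/24"}],
    "sg-2": [{"action": "allow", "source": "192.168.1.0/24"}],
}
# Constructed inventory: ECS name -> (private IP, associated security groups).
INVENTORY = {
    "ecs-db-01": ("10.1.0.10", ["sg-1"]),
    "ecs-db-02": ("10.1.0.11", ["sg-2"]),           # wrong group
    "ecs-db-03": ("10.1.0.12", ["sg-1", "sg-2"]),   # also in the permit group
    "ecs-web-01": ("10.1.1.20", ["sg-2"]),
    "ecs-web-02": ("10.1.1.21", ["sg-1"]),          # outside 10.1.0.0/24 but denied
}

def allows(rules, src):
    """True if any allow rule's source overlaps the network src."""
    return any(r["action"] == "allow"
               and ipaddress.ip_network(r["source"]).overlaps(src) for r in rules)

def denies(rules, src):
    """True if some deny rule covers all of the network src."""
    return any(r["action"] == "deny"
               and src.subnet_of(ipaddress.ip_network(r["source"])) for r in rules)

def audit(inventory, groups):
    """Return (ecs, finding, groups) for associations that break the procedure."""
    findings = []
    for name, (ip, sgs) in sorted(inventory.items()):
        protected = ipaddress.ip_address(ip) in PROTECTED
        permit = [g for g in sgs if allows(groups[g], CUSTOMER)]
        deny = [g for g in sgs if denies(groups[g], CUSTOMER)]
        if protected and permit:
            findings.append((name, "permit-group-attached", permit))
        elif protected and not deny:
            findings.append((name, "no-deny-group", sgs))
        elif not protected and not permit:
            findings.append((name, "customer-access-missing", sgs))
    return findings

if __name__ == "__main__":
    for finding in audit(INVENTORY, GROUPS):
        print(finding)
```

The audit flags any ECS in 10.1.0.0/24 that is attached to a group permitting 192.168.1.0/24, even when it is also in security group 1, because the outcome of conflicting rules depends on how the platform orders them.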