What's new at AWS 📢
♀ Security Group Referencing across VPCs connected by the AWS Transit Gateway can be enabled for additional security
♀ With this capability, customers can simplify management of security group rules and gain a better security posture for their TGW-based networks.
♀ Security group rules allow network traffic based on the following: IP CIDRs, prefix lists, ports and SG references.
♀ Existing configurable TGW features are as follows:
⚜ DNS support
⚜ VPN ECMP support
⚜ Default route table association
⚜ Default route table propagation
⚜ Multicast support
♀ Benefits of SG references:
⚜ They eliminate reconfiguring rules when an app scales up/down or its IPs change.
⚜ A single rule can cover thousands of instances
⚜ Prevents exceeding the SG rule or ENI limits
♀ Important note:
⚜ It is recommended, and it only works, if it has been enabled for both transit gateways and transit gateway VPC attachments.
⚜ Security groups can be cross-referenced in inbound rules only, not outbound.
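The two notes above can be checked offline. This is an added example, not AWS or author code: it assumes input shaped like the JSON from `aws ec2 describe-transit-gateways`, `describe-transit-gateway-vpc-attachments` and `describe-security-groups`; the function name, finding labels and all IDs are constructed, and a referenced group missing from the input is treated as unsupported.

```python
ENABLED = "enable"
OPT = "SecurityGroupReferencingSupport"

def audit(tgws, attachments, groups):
    """Return sorted (finding, resource_id) tuples; labels are hypothetical."""
    findings = set()
    tgw_on = {t["TransitGatewayId"]: t["Options"].get(OPT) == ENABLED for t in tgws}
    findings |= {("tgw-referencing-disabled", i) for i, on in tgw_on.items() if not on}
    ready_vpcs = set()  # VPCs whose TGW and attachment both have the option on
    for a in attachments:
        if a.get("Options", {}).get(OPT) != ENABLED:
            findings.add(("attachment-referencing-disabled", a["TransitGatewayAttachmentId"]))
        elif tgw_on.get(a["TransitGatewayId"]):
            ready_vpcs.add(a["VpcId"])
    vpc_of = {g["GroupId"]: g["VpcId"] for g in groups}
    for g in groups:
        for key, outbound in (("IpPermissions", False), ("IpPermissionsEgress", True)):
            for perm in g.get(key, []):
                for pair in perm.get("UserIdGroupPairs", []):
                    ref_vpc = vpc_of.get(pair["GroupId"])  # None: group not in input
                    if ref_vpc == g["VpcId"]:
                        continue  # same-VPC reference, not affected by the TGW option
                    if outbound:
                        findings.add(("cross-vpc-reference-in-outbound-rule", g["GroupId"]))
                    elif not {g["VpcId"], ref_vpc} <= ready_vpcs:
                        findings.add(("cross-vpc-reference-without-support", g["GroupId"]))
    return sorted(findings)

def _ref(group_id):
    # One TCP/443 permission that references another security group.
    return [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "UserIdGroupPairs": [{"GroupId": group_id}]}]

# Constructed sample data (IDs are made up for illustration).
SAMPLE_TGWS = [{"TransitGatewayId": "tgw-example", "Options": {OPT: "enable"}}]
SAMPLE_ATTACHMENTS = [
    {"TransitGatewayAttachmentId": "tgw-attach-a", "TransitGatewayId": "tgw-example",
     "VpcId": "vpc-a", "Options": {OPT: "enable"}},
    {"TransitGatewayAttachmentId": "tgw-attach-b", "TransitGatewayId": "tgw-example",
     "VpcId": "vpc-b", "Options": {OPT: "enable"}},
    {"TransitGatewayAttachmentId": "tgw-attach-c", "TransitGatewayId": "tgw-example",
     "VpcId": "vpc-c", "Options": {OPT: "disable"}},
]
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "VpcId": "vpc-a", "IpPermissions": _ref("sg-app")},
    {"GroupId": "sg-app", "VpcId": "vpc-b", "IpPermissionsEgress": _ref("sg-web")},
    {"GroupId": "sg-db", "VpcId": "vpc-c", "IpPermissions": _ref("sg-app")},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_TGWS, SAMPLE_ATTACHMENTS, SAMPLE_GROUPS):
        print(*finding)
```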
♀ Key note for Pricing:
There is no additional charge for using Security Group Referencing on TGW.
📌 Explore more about SG referencing on AWS Transit Gateway:
https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-security-group-referencing-for-aws-transit-gateway/