What's new at AWS 📢
♀ Security Group Referencing across VPCs connected by the AWS Transit Gateway can be enabled for additional security
♀ With this capability, customers can simplify management of Security Group rules and gain a better security posture for their TGW-based networks.
♀ Security Group rules allow network traffic based on the following: IP CIDRs, Prefix-Lists, Ports and SG references.
♀ Existing TGW features that can be configured are as follows:
⚜ DNS support
⚜ VPN ECMP support
⚜ Default route table association
⚜ Default route table propagation
⚜ Multicast support
♀ Benefits of SG references:
⚜ Eliminates reconfiguring rules when apps scale up/down or IPs change.
⚜ A single rule can cover thousands of instances.
⚜ Prevents overrunning SG rule or ENI limits.
♀ Important note:
⚜ It is recommended, and it only works, if it has been enabled for both the transit gateways and the transit gateway VPC attachments.
⚜ Security groups can be cross-referenced in inbound rules only, not outbound.
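An added example (not from the original post or from AWS) that audits exported configuration against the two notes above: it flags attachments where referencing is not enabled on both the TGW and the attachment, inbound cross-VPC references that depend on such an attachment, and outbound cross-VPC references. The function name `audit`, the finding labels, and all IDs are assumptions; the sample JSON is constructed and only mimics the shape of the `aws ec2 describe-*` output.

```python
import json

# Constructed sample, shaped like the JSON from `aws ec2 describe-transit-gateways`,
# `describe-transit-gateway-vpc-attachments` and `describe-security-groups`.
# Every ID below is a made-up placeholder.
SAMPLE = json.loads("""{
 "TransitGateways": [
  {"TransitGatewayId": "tgw-1", "Options": {"SecurityGroupReferencingSupport": "enable"}}],
 "TransitGatewayVpcAttachments": [
  {"TransitGatewayAttachmentId": "tgw-attach-a", "TransitGatewayId": "tgw-1",
   "VpcId": "vpc-a", "Options": {"SecurityGroupReferencingSupport": "enable"}},
  {"TransitGatewayAttachmentId": "tgw-attach-b", "TransitGatewayId": "tgw-1",
   "VpcId": "vpc-b", "Options": {"SecurityGroupReferencingSupport": "disable"}}],
 "SecurityGroups": [
  {"GroupId": "sg-app", "VpcId": "vpc-a",
   "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-client"}]}],
   "IpPermissionsEgress": [{"UserIdGroupPairs": [{"GroupId": "sg-db"}]}]},
  {"GroupId": "sg-client", "VpcId": "vpc-b", "IpPermissions": [], "IpPermissionsEgress": []},
  {"GroupId": "sg-db", "VpcId": "vpc-b", "IpPermissions": [], "IpPermissionsEgress": []}]
}""")

def audit(data):
    """Return (finding, resource_id) tuples for the conditions in the notes above."""
    findings = []
    enabled = lambda o: o["Options"].get("SecurityGroupReferencingSupport") == "enable"
    tgw_on = {t["TransitGatewayId"] for t in data["TransitGateways"] if enabled(t)}
    vpc_ok = {}  # VPC is usable only if the TGW *and* its attachment are enabled
    for att in data["TransitGatewayVpcAttachments"]:
        ok = enabled(att) and att["TransitGatewayId"] in tgw_on
        vpc_ok[att["VpcId"]] = ok
        if not ok:
            findings.append(("not-enabled", att["TransitGatewayAttachmentId"]))
    vpc_of = {g["GroupId"]: g["VpcId"] for g in data["SecurityGroups"]}
    for g in data["SecurityGroups"]:
        for direction, key in (("inbound", "IpPermissions"), ("outbound", "IpPermissionsEgress")):
            for perm in g.get(key, []):
                for pair in perm.get("UserIdGroupPairs", []):
                    peer_vpc = vpc_of.get(pair["GroupId"])
                    if peer_vpc in (None, g["VpcId"]):
                        continue  # same-VPC or unknown group: not a cross-VPC reference
                    if direction == "outbound":  # cross-references are inbound only
                        findings.append(("outbound-cross-vpc-ref", g["GroupId"]))
                    elif not (vpc_ok.get(g["VpcId"]) and vpc_ok.get(peer_vpc)):
                        findings.append(("inbound-ref-inactive", g["GroupId"]))
    return findings

if __name__ == "__main__":
    for finding, resource in audit(SAMPLE):
        print(f"{finding}: {resource}")
```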
♀ Key note for Pricing:
There is no additional charge for using Security Group Referencing on TGW.
📌 Explore more about SG referencing on AWS Transit Gateway:
https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-security-group-referencing-for-aws-transit-gateway/