1

AWS Security Groups - EC2 to RDS

view story
linux-howto

http://serverfault.com – I wanted to ask about connecting EC2 to RDP in AWS. I have added my EC2 Security Group (that contains the EC2 instances) into the Default RDP Group and Data is flowing - the connection works. The EC2 Security group has Port 80 to 0.0.0.0/0 and SSH to my IP enabled. I'm a touch concerned that by adding this EC2 group to the RDS Database it will allow Port 80 traffic from anywhere to access the Databases. Is this correct or wrong? Do the rules in the EC2 apply to the RDS instances if you connect them like this? I did read on the AWS websites that 'Database Security Groups only allow acces (HowTos)

taskli's picture
Submitted by taskli on 10/01/2012

Stories similar to AWS Security Groups - EC2 to RDS

I have an instance with security group A and an instance with Security group B. They have the internal IPs: 10.0.0.41 (A) and 10.0.2.215 (B) A does not have B as allowed in the security group A, and vice versa. But they suppose to be on the same intranet. Is it possible to connect those Windows instances? For example to allow 10.0.0.41 to connect to 10.0.2.215:22?

Within our AD set-up there are a lot of security groups, but only 1 distribution group (that a previous admin created). Both types of group contain lists of domain objects (users in the one I was looking at).

What is the difference between a Security Group and a Distribution Group?

I have a test setup with two user groups: group-a and group-b, and a single samba-share with

path = /data/share read only = no create mask = 770

Certain users are in both group-a and group-b and have group-a as their primary group.

I know that you can set Security Group rules with ec2-authorize and ec2-revoke. How do you view the rules of a given security group?

It seems to me that there are as many ways to do this as there are sysadmins out there. This is what I came up with.

Security of /var/www is left as-is.

Security of the directories and subdirectories under /var/www have the following perm/user/group: drwxrws--- martijn www

Security of files in those directories (recursive) is: -rw-rw---- martijn www

martijn is the owner.

Conflicting group policies 40 weeks 5 days ago

I got 5 servers where i need to lock them down so as standard there is only read only access to the C drive and a couple of other servers where full admin access is required all the time. There is a need however that out of the 5 servers that are locked down all the time a user can request access and they be moved into an approved security group for that server.

I am an AD newbie and have been tasked with this situation: Win 2008 r2 environment, create security groups in AD where root folder has only read access for all; sub folder 1 has read for 1 group public and full for another group; sub folder 2 has no public access and full access for another - no group can change root folders names.

I have a time issue on this. Please help!

I know a little about users and groups; in the past I might have had a group like 'DBAS' or 'ADMINS' and I'd add individual users to each group...

But I was surprised to learn I could add users to other users - as if they were groups.

For example if my /etc/group contained the following:

user1:x:12501: user2:x:12502:user1 admin:x:123:user2,jim,bob

Since user2 is a member of the admin group, a

Written by: Stuart Corner | Published in: StrategyThe Cloud Security Alliance (CSA) and Fujitsu Laboratories of America have formed the Big Data Working Group to "address the need for collaborative research and solutions to today's big data security challenges."