This page is a reference of security group rules for specific use cases, with ingress and/or egress rules for each one. The examples below follow security best practices for implementing security groups. If you want to relax the rules, make sure you understand and consider the risk. Some use cases need only ingress or only egress rules, while others need both. Read our AWS Security Group guide to learn more about Security Groups.
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 11211 |
AWS ElastiCache Memcached doesn’t need egress rules for its operation. Make sure all security groups attached to your AWS ElastiCache Memcached have empty egress/outbound rules.
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 6379 |
AWS ElastiCache Redis doesn’t need egress rules, whether cluster mode is enabled or disabled.
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 5432 |
postgres_fdw) extension. You can use sample egress rules below when using postgres_fdw. (ONLY when using fdw extension)
Type | Protocol | Port Range | Destination | Description |
---|---|---|---|---|
Custom TCP | TCP | 5432 |
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 3306 |
Amazon RDS for MySQL/MariaDB doesn’t need egress rules for its operations.
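
An added example (not from the original page or from AWS): a small Python audit that checks parsed `aws ec2 describe-security-groups` output against the rules above for Memcached, Redis and MySQL/MariaDB, meaning ingress limited to the listener port and empty egress. The group IDs, the `ATTACHED` mapping and the sample JSON are constructed, and flagging `0.0.0.0/0` or `::/0` sources is this example's own policy.

```python
import json

# Listener ports of the data stores this page says need no egress rules.
NO_EGRESS_PORTS = {11211: "ElastiCache Memcached", 6379: "ElastiCache Redis",
                   3306: "RDS MySQL/MariaDB"}
WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# sg-0bbb still carries the allow-all outbound rule a new group starts with.
SAMPLE = json.loads("""
{"SecurityGroups": [
 {"GroupId": "sg-0aaa", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 11211, "ToPort": 11211,
     "UserIdGroupPairs": [{"GroupId": "sg-0app"}]}],
  "IpPermissionsEgress": []},
 {"GroupId": "sg-0bbb", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
  "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
]}""")
# Hypothetical mapping: which data-store port each group protects.
ATTACHED = {"sg-0aaa": 11211, "sg-0bbb": 6379}

def sources(perm):
    """CIDR sources (IPv4 and IPv6) named by one ingress rule."""
    return ({r["CidrIp"] for r in perm.get("IpRanges", [])}
            | {r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])})

def exact_port(perm, port):
    """True only for a TCP rule whose range is exactly the listener port."""
    return (perm.get("IpProtocol") == "tcp"
            and perm.get("FromPort") == port and perm.get("ToPort") == port)

def audit(described, attached):
    """Return sorted (group_id, finding) pairs for groups listed in attached."""
    findings = set()
    for sg in described["SecurityGroups"]:
        port = attached.get(sg["GroupId"])
        if port is None:
            continue  # group is not attached to a data store we track
        if port in NO_EGRESS_PORTS and sg.get("IpPermissionsEgress"):
            findings.add((sg["GroupId"], "egress-not-empty"))
        for perm in sg.get("IpPermissions", []):
            if not exact_port(perm, port):
                findings.add((sg["GroupId"], "ingress-not-limited-to-port"))
            if sources(perm) & WORLD:
                findings.add((sg["GroupId"], "ingress-open-to-world"))
    return sorted(findings)
```

Groups protecting port 5432 are deliberately not held to the empty-egress check, since the page allows egress on 5432 when postgres_fdw is in use.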
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 1521 |
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 1433 |
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 443 |
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 80 | ||
Custom TCP | TCP | 443 |
Type | Protocol | Port Range | Destination | Description |
---|---|---|---|---|
Custom TCP | TCP |
Type | Protocol | Port Range | Source | Description |
---|---|---|---|---|
Custom TCP | TCP | 80 | ||
Custom TCP | TCP | 443 |
Type | Protocol | Port Range | Destination | Description |
---|---|---|---|---|
Custom TCP | TCP |
At the time of this writing (September 2020), AWS Network Load Balancer (NLB) doesn’t support security group attachment.