What's new at AWS
- Security Group Referencing can now be enabled across VPCs connected by AWS Transit Gateway for additional security.
- With this capability, customers can simplify management of Security Group rules and gain a better security posture for their TGW-based networks.
- Security Groups are lists of rules that allow network traffic based on the following: IP CIDRs, prefix lists, ports and SG references.
- Existing features that can be configured on a TGW are as follows:
  - DNS support
  - VPN ECMP support
  - Default route table association
  - Default route table propagation
  - Multicast support
- Benefits of SG references:
  - Eliminates reconfiguring rules when apps scale up/down or IPs change.
  - A single rule can cover thousands of instances.
  - Prevents overrunning SG rule or ENI limits.
- Important note:
  - It is recommended, and only works, when it has been enabled for both transit gateways and transit gateway VPC attachments.
  - Security groups can be cross-referenced in inbound rules only, not outbound.
- Key note for pricing:
  - There is no additional charge for using Security Group Referencing on TGW.
Explore more about SG referencing on AWS Transit Gateway:
https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-security-group-referencing-for-aws-transit-gateway/
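
A check for the two conditions in the important note above, as an added example that is not part of the original post and is not AWS code. It reads data shaped like the output of `aws ec2 describe-transit-gateways`, `describe-transit-gateway-vpc-attachments` and `describe-security-groups` (constructed here, all IDs made up, a single TGW assumed) and lists cross-VPC SG references that sit in outbound rules or involve a VPC where referencing is not enabled on both the TGW and the attachment.

```python
# Constructed sample data, trimmed to the fields used; all IDs are made up.
# Assumption: one transit gateway connects the VPCs being audited.
TGWS = [{"TransitGatewayId": "tgw-aaa",
         "Options": {"SecurityGroupReferencingSupport": "enable"}}]
ATTACHMENTS = [
    {"TransitGatewayId": "tgw-aaa", "VpcId": "vpc-app",
     "Options": {"SecurityGroupReferencingSupport": "enable"}},
    {"TransitGatewayId": "tgw-aaa", "VpcId": "vpc-db",
     "Options": {"SecurityGroupReferencingSupport": "disable"}},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-app", "VpcId": "vpc-app", "IpPermissions": [],
     "IpPermissionsEgress": [{"UserIdGroupPairs": [{"GroupId": "sg-db"}]}]},
    {"GroupId": "sg-db", "VpcId": "vpc-db", "IpPermissionsEgress": [],
     "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-app"}]}]},
]

def referencing_vpcs(tgws, attachments):
    """VPCs where referencing is enabled on both the TGW and the attachment."""
    on = {t["TransitGatewayId"] for t in tgws
          if t["Options"].get("SecurityGroupReferencingSupport") == "enable"}
    return {a["VpcId"] for a in attachments
            if a["TransitGatewayId"] in on
            and a["Options"].get("SecurityGroupReferencingSupport") == "enable"}

def audit(tgws, attachments, groups):
    """Return (group, referenced group, reason) for references that will not work."""
    ok_vpcs = referencing_vpcs(tgws, attachments)
    vpc_of = {g["GroupId"]: g["VpcId"] for g in groups}
    findings = []
    for g in groups:
        for direction in ("IpPermissions", "IpPermissionsEgress"):
            for perm in g.get(direction, []):
                for pair in perm.get("UserIdGroupPairs", []):
                    peer_vpc = vpc_of.get(pair["GroupId"])
                    if peer_vpc is None or peer_vpc == g["VpcId"]:
                        continue  # same-VPC or unknown group: out of scope here
                    if direction == "IpPermissionsEgress":
                        findings.append((g["GroupId"], pair["GroupId"], "outbound reference"))
                    elif not {g["VpcId"], peer_vpc} <= ok_vpcs:
                        findings.append((g["GroupId"], pair["GroupId"], "referencing not enabled"))
    return findings

if __name__ == "__main__":
    for finding in audit(TGWS, ATTACHMENTS, SECURITY_GROUPS):
        print(*finding)
```
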