简体繁体 English

运行AWS opsworks实例所需的基本安全组端口

[英]Basic security group ports required to run AWS opsworks instances

原文 2017-03-11 12:32:05 1 1 amazon-web-services/ amazon-ec2/ chef/ aws-opsworks

I was trying to create some instances in aws opsworks stack. 我试图在aws opsworks堆栈中创建一些实例。 I am performing this on secured vpc. 我正在安全的vpc上执行此操作。 Which is not default one. 这不是默认值之一。 That VPC have internet connection. 该VPC具有互联网连接。 However I have been instructed to restrict sources to required inbound ports to specific address only not to 0.0.0.0/0. 但是，我被指示将源限制为仅特定地址所需的入站端口，而不是0.0.0.0/0。 Generally the ports we are using - ssh, http and https. 通常，我们使用的端口-ssh，http和https。 ssh is ok to restrict to vpc subnet. ssh可以限制为vpc子网。 but I have problem with http and httpd. 但是我对http和httpd有问题。 I have some queries- 1. What are the minimal inbound ports required to run opsworks properly and what will be the source? 我有一些疑问-1.正确运行opsworks所需的最小入站端口是什么？来源是什么？ Hence we are not using 0.0.0.0/0 2. Since my cookbook stored in s3 which is accessible inside vpc. 因此，我们不会使用0.0.0.0/02。因为我的菜谱存储在s3中，可在vpc内访问。 what will be the minimal port required. 什么是所需的最小端口。 3. I am not using Opsworks default security group. 3.我没有使用Opsworks默认安全组。 I am trying to use other security cookbook. 我正在尝试使用其他安全食谱。 4. I have seen Opsworks are using some cookbooks from github.com . 4.我见过Opsworks使用一些食谱github.com 。 If I restrict then will it fail. 如果我限制，它将失败。 5. AWS said the following http and https source should be 0.0.0.0/0. 5. AWS表示以下http和https来源应为0.0.0.0/0。 link 6. When I am restricting ec2 instances are booting up but opsworks it is showing "setting-up" does not show any log messages. 链接 6.当我限制ec2实例启动时，但opsworks显示“设置”时，不显示任何日志消息。

Kindly advise what are the essential inbound ports to be opened and static source required to run in production vpc. 请告知要打开的基本入站端口以及在生产vpc中运行所需的静态源。

Regards Biswajit Das 关于Biswajit Das