堆栈内存溢出
  简体   繁体   English

AWS 安全组中的“自定义 TCP”是什么?

[英]What is 'Custom TCP' in AWS security group?

 原文  2023-01-14 10:01:15       amazon-web-services/ aws-security-group

问题描述

When I set a inbound rule in a security group for an AWS EC2 like this:当我在 AWS EC2 的安全组中设置入站规则时,如下所示:

在此处输入图像描述

So source type says that only traffic from my computer is to be allowed and only port 8080 in EC2 instance is to be made accessible.所以源类型说只允许来自我的计算机的流量,并且只允许访问 EC2 实例中的端口 8080。

What does 'Type' field here means when I set it as 'Custom TCP'?当我将其设置为“自定义 TCP”时,此处的“类型”字段是什么意思? I see other values for this field, like HTTP,HTTPS,NFS,RDS,Postgres,SSH etc which basically define protocol type(if I am not wrong).我看到该字段的其他值,例如 HTTP、HTTPS、NFS、RDS、Postgres、SSH 等,它们基本上定义了协议类型(如果我没记错的话)。 What does Custom TCP define? Custom TCP定义了什么?

1 个解决方案

解决方案1
 1 已采纳  2023-01-14 10:07:57

Custom TCP just means you can manually type in a port number to open in the AWS firewall.自定义 TCP 只是意味着您可以手动输入端口号以在 AWS 防火墙中打开。 Use this when you need to open a port that doesn't correspond to a commonly used service.当您需要打开一个与常用服务不对应的端口时使用它。 For example, ssh typically uses TCP port 22, and ssh is a program/protocol most AWS system administrators will use, so there is a dropdown option for ssh as a convenience that automatically enters TCP as the protocol and 22 as the port to open for data to flow to your EC2 instance.例如, ssh通常使用 TCP 端口 22,而ssh是大多数 AWS 系统管理员会使用的程序/协议,因此有一个ssh的下拉选项作为方便自动输入 TCP 作为协议和 22 作为要打开的端口流向您的 EC2 实例的数据。

You could alternately select "Custom TCP (port)" and manually enter 22, but then you might give it a name in one security group like "Forward 22 for SSH" and in another security group "open ssh"... Using the dropdown's SSH option provides consistency/readability in your security group rules.您也可以输入 select“自定义 TCP(端口)”并手动输入 22,但随后您可能会在一个安全组中为其命名,例如“Forward 22 for SSH”,在另一个安全组中为“open ssh”...使用下拉菜单的SSH 选项在您的安全组规则中提供一致性/可读性。

IANA maintains a port number registry for common ports, but this list is much larger than AWS is likely to use for their dropdown menu. IANA 为公共端口维护一个端口号注册表,但这个列表比 AWS 可能用于其下拉菜单的列表要大得多。 The options AWS presents are just enough to provide convenience for the most commonly used protocols when you're setting up forwarding rules. AWS 提供的选项足以在您设置转发规则时为最常用的协议提供便利。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS 安全组:入站和出站规则需要什么? - AWS Security Group: What is needed in inbound and outbound rules? AWS 云中的安全组 - Security Group in AWS Cloud AWS 安全组:端口范围? - AWS security group: Port range? 将包含自身和安全组 ID 的 aws_security_group_rule 添加到安全组 - Add an aws_security_group_rule that contains self and a security group id to a security group AWS Cloudformation 为安全组配置 ICMP 协议 - AWS Cloudformation configure ICMP protocol for the security group terraform aws:创建安全组时的协议不正确 - terraform aws: Incorrect protocol in creating a security group AWS RDS 无法连接安全组 - AWS RDS can't connect security group 在 AWS 安全组中创建多个规则 - Create multiple rules in AWS security Group 为什么 AWS 中的 NLB 不需要安全组? - Why is it that an NLB in AWS does not require a Security Group? AWS 安全组不在 VPC 错误中,出现 Terraform - AWS Security Group not in VPC error with Terraform
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM