
It's not really any safer though. If I want to say that server A and B can connect to each other and connect out to the outside world, and the outside world can connect in to A but not to B, I should be able to just do that, without having to give each server multiple addresses. Addressing should be decoupled from access control.



AWS security groups allow rules to either be IP CIDR based or you can have rules that refer to other security groups, ignoring the IP addresses.
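A simplified model of the two rule types mentioned in the comment above, applied to the server A / server B policy from the first comment. This is an added example, not part of either comment and not AWS code; the group names, ports and addresses are constructed, and outbound traffic is assumed to be allowed everywhere.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    port: int
    cidr: Optional[str] = None    # source expressed as an IP range
    group: Optional[str] = None   # source expressed as membership in a group

@dataclass(frozen=True)
class Host:
    name: str
    ip: str
    groups: frozenset

# Constructed ingress policy (hypothetical names and ports).
INGRESS = {
    "sg-cluster": [Rule(port=5432, group="sg-cluster")],  # members reach each other
    "sg-public": [Rule(port=443, cidr="0.0.0.0/0")],      # anyone reaches members
}

def ingress_allowed(src, dst, port, ingress=INGRESS):
    """Default deny: allow only if a rule on one of dst's groups matches src."""
    src_ip = ipaddress.ip_address(src.ip)
    for group in dst.groups:
        for rule in ingress.get(group, []):
            if rule.port != port:
                continue
            # Group-referencing rule: the source address is never consulted.
            if rule.group is not None and rule.group in src.groups:
                return True
            # CIDR rule: the decision depends on the source address.
            if rule.cidr is not None and src_ip in ipaddress.ip_network(rule.cidr):
                return True
    return False

# Constructed hosts: A is public and in the cluster, B is cluster-only.
A = Host("A", "10.0.1.10", frozenset({"sg-cluster", "sg-public"}))
B = Host("B", "10.0.1.11", frozenset({"sg-cluster"}))
INTERNET = Host("internet", "203.0.113.7", frozenset())

if __name__ == "__main__":
    for src, dst, port in [(A, B, 5432), (B, A, 5432),
                           (INTERNET, A, 443), (INTERNET, B, 443)]:
        verdict = "allow" if ingress_allowed(src, dst, port) else "deny"
        print(f"{src.name} -> {dst.name}:{port} {verdict}")
```

Giving B a different address leaves every decision unchanged, because the only rule that admits traffic to B matches on group membership rather than on an IP range.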



