fedora 16 AMI on EC2

Garrett Holmstrom gholms at fedoraproject.org
Tue Dec 20 16:43:18 UTC 2011


On 2011-12-19 22:24, Dennis Gilmore wrote:
> El Mon, 19 Dec 2011 20:07:31 -0800
> Garrett Holmstrom<gholms at fedoraproject.org>  escribió:
>> On 2011-12-19 10:05, Jared K. Smith wrote:
>>> On Mon, Dec 19, 2011 at 1:00 PM, Sandeep
>>> Dixit<sdixit at ohioedge.com>   wrote:
>>>> Yes  - the instance is associated with the "default" security group
>>>> and the "decault" security group has a rule 0.0.0.0 - port 80 /
>>>> http
>>>
>>> I think Steve was referring to the iptables firewall on Linux
>>> itself.
>>
>> It is my understanding that EC2 images generally have their inbuilt
>> firewalls turned off because people are expected to use security
>> groups instead.  Is this correct?  If so, how can I help that happen
>> for the next Fedora release's EC2 images?
>
> correct me if im wrong but i thought that the amazon security groups
> only protects you from whats outside of amazons network. the hosts
> firewall protects you from being attacked from inside of ec2.

Hosts within a security group can communicate freely with one another. 
Communication between hosts in different security groups is subject to 
security group rules in the same way as that with the Internet at large. 
  Since security groups cannot be shared all instances in a given 
security group belong to the same account.



More information about the cloud mailing list