AWS Certified Solutions Architect - Professional 2020

Sign Up Free or Log In to participate!

Do security group rules need to use ephemeral ports?

In the "Network Controls and Security Groups" chapter 00:45, it’s said that "Remember ephemeral ports for outbound if you need them".

I don’t think we need to use ephemeral ports in Security Group rules.

Henry Liu

Sorry, the time is 00:38, not 00:45

1 Answers

Hi Henry, I agree with you. They are more often needed in the NACL rules. I can’t think of a reason to include ephemeral ports for outbound rules in Security Groups since the Security Groups are stateful. I haven’t listened to the module you are referring to yet, but will do so and submit a support ticket if required. (Updated – I watched the lecture and have submitted a ticket to the ACG content team, and given you a point for noticing and reporting this. Thank you.)


Henry Liu

Thanks Tom!

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?