AWS Certified Solutions Architect - Associate (SAA-C02)

Sign Up Free or Log In to participate!

Blocking single IP with security groups

I do not understand why he says you can not block a single IP with security groups. It seems quite possible. 

Exhibit 1:

2 Answers

you can only do it with Network ACLs


Thank you for your reply! But could you support that with relevant piece of documentation or explanation?

Answering my own question: It finally hit me that allow is not the same as Block

Security groups do not have "Block" rules. So blocking a single IP or a range of IPs while allowing everything else would require creating an allow for all the IP spaces except for the IPs you want to block.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?