AWS VPC Prefix List demo
ฝัง
- เผยแพร่เมื่อ 5 ก.ย. 2024
- Prefix lists allow you to create lists of IPv4 IPv6 ranges and use them across your AWS organizations with both security groups and route tables.
In this demo, I walk through creating a simple prefix-list for our branch offices and associated it with a new security group.
![เปิดใจ พี่ญา คนรุม หลังทัวร์ลง หนักสุดในชีวิต!! l [Nickynachat]](http://i.ytimg.com/vi/2-OJZRtclro/mqdefault.jpg)
You have a unique way of explaining tech quickly without boring, great demo Brett, Thank you.
Great demo. Very clear explanation.
short and concise.
Nice Demo Brett. Thanks.
Glad you liked it!
good option and nice demo
Thanks, glad you enjoyed it
I created a security group and a prefixed list, when I am trying to add that prefix list to an inbound rule in my security group I get this error:
The maximum number of rules per security group has been reached.
I do not have any other rules in the security group and neither in any other group.
I made prefix list with one entry and also tried without any entry but still getting same error.
I've had that same issue - let me check my notes and see if I can remember how I fixed it
@@brettg98 I fixed the issue, it was with max number of entries of list, like you can't have more than 60 rules thus prefix list must be lesser than 60 entries. But now what shall I do if I want 64 members of my team to access my server?
@@ZampGaming I'm glad you sorted it out. Have a look at the quotas for VPC - docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html
It looks like that's a 'soft' limit, which means you can make a request for more. Make note though that when you increase the number of rules, AWS will lower the number of SG's per network interface.
Thx for good demo
No problem!
Brett, thanks for posting this video, very useful. Do you know if the Prefix Lists can be used for Subnet Access Control Lists?
Hey Steve, no prefix lists can't be used in NACLs. As far as I know they can only be used in routing tables and security groups
Thanks @@brettg98 that's a pity, I find managing the NACLs very frustrating. I have multiple CIDR ranges and I can't even add comments.
@@steveconnolly3776 I totally agree. Having the ability to add comments would be fantastic.
@@steveconnolly3776 Add a feature request In the bottom left corner : Feedback>Feature Request. I've added my own for this and for the security group to change description. I think they will implement this soon.