Security Groups in Snow Devices - AWS Snowcone User Guide

Security Groups in Snow Devices

A security group acts as a virtual firewall that controls the traffic for one or more instances. When you launch an instance, you associate one or more security groups with the instance. You can add rules to each security group to allow traffic to or from its associated instances. For more information, see Amazon EC2 security groups for Linux instances in the Amazon EC2 User Guide for Linux Instances.

Security groups in Snowcone devices are similar to security groups in the AWS Cloud. Virtual private clouds (VPCs) aren't supported on Snowcone devices.

Following, you can find the other differences between Snowcone security groups and EC2-VPC security groups:

  • Each Snowcone has a limit of 50 security groups.

  • The default security group allows all inbound and outbound traffic.

  • Traffic between local instances can use either the private instance IP address or a public IP address. For example, suppose that you want to connect using SSH from instance A to instance B. In this case, your target IP address can be either the public IP or private IP address of instance B, if the security group rule allows the traffic.

  • Only the parameters listed for AWS CLI actions and API calls are supported. These typically are a subset of those supported in EC2-VPC instances.

For more information about supported AWS CLI actions, see List of Supported Amazon EC2 AWS CLI Commands on a Snowcone . For more information about supported API operations, see Supported Amazon EC2 API Operations.