Tags: amazon-web-services, aws-security-group

AWS Security Group - Set of port for set of IPs


I want to open a set of ports which isn't a range, let's say 5000, 5100, 5200, 5300, 5400, etc., for a set of IPs which are different, for example 111.111.111.111/32, 222.222.222.222/32, etc.

From the security group interface it looks like I'll have to add custom inbound rules like:

  • 5000 - 111.111.111.111/32
  • 5000 - 222.222.222.222/32
  • 5100 - 111.111.111.111/32
  • 5100 - 222.222.222.222/32
  • etc

Is there a way to group any of these? So either:

  • 5000,5100,etc - 111.111.111.111/32
  • 5000 - 111.111.111.111/32,222.222.222.222/32

If not, the issue is that I can't add an infinite number of inbound rules. So what's the solution?


Solution

  • You can do that by creating one security group each for 5000, 5100, etc., say security-group-port-5000, security-group-port-5100, and adding the rules accordingly into that security group, e.g.:

     security-group-port-5000 - inbound rules 5000 - 111.111.111.111/32,222.222.222.222/32
    
     security-group-port-5100 - inbound rules 5100 - 111.111.111.111/32,222.222.222.222/32
    

    You can do that using boto3 as well.

    Also, since you can only add a limited number of inbound rules, I would recommend using IP masking wherever possible.

    AWS also lets you add one security group into another security group. Read here
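The per-port layout from the answer, done with boto3's EC2 client: one security group per port, each holding a single IpPermissions entry whose IpRanges lists every allowed /32. This is an added example, not the answer author's code. The VPC id, the group naming scheme and the FakeEC2 stand-in client are assumptions made here so the script runs offline; the two quota defaults (60 inbound rules per security group, 5 security groups per network interface) are the documented AWS defaults at time of writing and are adjustable per account, so treat the constants as assumptions to check against your own Service Quotas.

```python
"""Create security-group-port-<port> for each port, allowing that port
from a shared allow-list of source CIDRs, via boto3's EC2 client API.

Added example, not code from the original answer. Assumed: vpc_id
value, group naming scheme, FakeEC2 stand-in, and the quota constants.
"""
import ipaddress
from typing import Dict, Iterable, List

# AWS defaults, adjustable via Service Quotas (assumed; verify for your account).
DEFAULT_INBOUND_RULES_PER_GROUP = 60
DEFAULT_GROUPS_PER_INTERFACE = 5


def validate_cidrs(cidrs: Iterable[str]) -> List[str]:
    """Normalise source CIDRs; reject malformed ones and the world-open 0.0.0.0/0."""
    out = []
    for cidr in cidrs:
        net = ipaddress.ip_network(cidr, strict=True)  # ValueError if host bits set / garbage
        if net.prefixlen == 0:
            raise ValueError(f"refusing world-open source CIDR {cidr}")
        out.append(str(net))
    return out


def build_ingress_permissions(port: int, cidrs: Iterable[str], proto: str = "tcp") -> list:
    """One IpPermissions entry: a single port with many source ranges.

    Sent in one API call, but AWS still counts each port/CIDR pair as a
    separate rule toward the per-group rule quota.
    """
    return [{
        "IpProtocol": proto,
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [{"CidrIp": c, "Description": f"allow {proto}/{port}"}
                     for c in validate_cidrs(cidrs)],
    }]


def create_port_security_groups(ec2, vpc_id: str, ports: Iterable[int], cidrs: Iterable[str],
                                rules_quota: int = DEFAULT_INBOUND_RULES_PER_GROUP,
                                groups_quota: int = DEFAULT_GROUPS_PER_INTERFACE) -> Dict[int, str]:
    """Create one group per port and authorise its ingress. Returns {port: group_id}.

    `ec2` is any object exposing boto3's create_security_group and
    authorize_security_group_ingress (a real boto3 client or FakeEC2 below).
    """
    cidrs = validate_cidrs(cidrs)
    ports = sorted(set(ports))
    if len(cidrs) > rules_quota:
        raise ValueError(f"{len(cidrs)} CIDRs exceed the {rules_quota}-rule per-group quota")
    if len(ports) > groups_quota:
        raise ValueError(f"{len(ports)} groups exceed the {groups_quota} groups attachable per interface")
    created = {}
    for port in ports:
        name = f"security-group-port-{port}"
        resp = ec2.create_security_group(
            GroupName=name, Description=f"Allow tcp/{port} from the allow-list", VpcId=vpc_id)
        group_id = resp["GroupId"]
        ec2.authorize_security_group_ingress(
            GroupId=group_id, IpPermissions=build_ingress_permissions(port, cidrs))
        created[port] = group_id
    return created


class FakeEC2:
    """Offline stand-in that records what a real boto3 client would receive."""
    def __init__(self):
        self.groups = {}

    def create_security_group(self, **kw):
        group_id = f"sg-{len(self.groups):017x}"
        self.groups[group_id] = {"name": kw["GroupName"], "vpc": kw["VpcId"], "ingress": []}
        return {"GroupId": group_id}

    def authorize_security_group_ingress(self, GroupId, IpPermissions):
        self.groups[GroupId]["ingress"].extend(IpPermissions)
        return {"Return": True}


if __name__ == "__main__":
    # Real use: import boto3; ec2 = boto3.client("ec2", region_name="eu-west-1")
    ec2 = FakeEC2()
    groups = create_port_security_groups(
        ec2, "vpc-0123456789abcdef0", [5000, 5100, 5200],
        ["111.111.111.111/32", "222.222.222.222/32"])  # constructed sample input
    for port, gid in groups.items():
        print(port, gid, [r["CidrIp"] for r in ec2.groups[gid]["ingress"][0]["IpRanges"]])
```

Attach the resulting groups together to the instance (or ENI); the effective rule set is the union. With ports split across groups, adding a new source IP means one authorize call per group, which is why the allow-list is validated once up front rather than per group.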