Just signed up for a Lightsail Debian 10 instance on AWS. and set up a new WordPress on it. As an old habit from using DigitalOcean Droplets, I installed ufw to block any connection from ports for other than ssh, http and https.
Later I found the Lightsail console already has an IPv4 Firewall feature, and port 22 and 80 are opened by default.
This makes me wonder, since Lightsail already provides a firewall, does it make sense to do away with ufw? 'Cuz otherwise I'll have to configure both...
Thoughts?
My rule of thumb is that if the AWS security groups are enough for you, then why add another layer of complexity (ufw)? If you want to do more fine-gained filtering, then go for it.