Exam: AWS Certified Cloud Practitioner
A company recently deployed an Amazon RDS instance in its VPC (CLF-C02)
A company recently deployed an Amazon RDS instance in its VPC. The company needs to implement a stateful firewall to limit traffic to the private corporate network.
Which AWS service or feature should the company use to limit network traffic directly to its RDS instance?
A) Network ACLs.
B) Security groups.
C) AWS WAF.
D) Amazon GuardDuty.
Solution
Correct answer: B) Security groups.
Security groups act as a virtual firewall for Amazon RDS instances, controlling inbound and outbound traffic at the instance level. They are stateful, meaning if you allow traffic in one direction, the response traffic is automatically allowed, regardless of outbound rules. This makes security groups an ideal choice for limiting network traffic directly to the RDS instance, ensuring that only the necessary traffic is allowed to and from the instance.
Category: Security and compliance in the AWS cloud