AWS Security Group – Managing Cross Region Access

amazon-vpc, amazon-web-services, security-groups

I am trying to set a security group A to allow SSH access from security group B in a different region. I don't have much experience with networking in general and AWS networking.

Followed the instructions from here:

You cannot reference the security group of a peer VPC that's in a different Region. Instead, use the CIDR block of the peer VPC.

So I did… I copied the CIDR from the source region and added it to the inbound rule. Still no access.

I also noted that the CIDR of the VPC of both regions was exactly the same. So I added a new one. Still no access.

I have no idea what is missing…

I know I should probably give much more details but I don't know what is safe to put in the question. Would the CIDR be safe if it is a private address? Can I post screenshots of the inbound rules?

Best Answer

I missed something very fundamental: when creating an inbound rule without a public IP, the traffic source is not the internet. So VPC peering must be established.

Also note that this way the peer server should be accessed using its private IP address and not the public one.
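To make the answer's reasoning concrete, here is an added example (not part of the question or the answer) that models the two things that decide whether the rule can ever match: whether the two VPCs can be peered at all, and which source address the server's security group actually sees. The VPC names, regions, CIDRs and IP addresses are constructed for illustration; 203.0.113.0/24 is the documentation range and stands in for whatever public address the client's internet gateway or NAT gateway translates to. The overlap check reflects the AWS rule that a peering request between VPCs with overlapping CIDR blocks is rejected, which is why the identical CIDRs noted in the question had to change.

```python
"""Model of why a private-CIDR security group rule only works over VPC peering.

Added example; it uses only the standard library and constructed sample data.
"""
import ipaddress
from dataclasses import dataclass

SSH_PORT = 22


@dataclass(frozen=True)
class Vpc:
    name: str
    region: str
    cidr: str


@dataclass(frozen=True)
class Instance:
    vpc: Vpc
    private_ip: str
    # Address the packet carries after the internet gateway (or a NAT gateway)
    # translates it; this is what a server reached over the internet sees.
    public_ip: str


def can_peer(a: Vpc, b: Vpc) -> bool:
    """Peering (intra- or inter-region) requires non-overlapping CIDR blocks."""
    return not ipaddress.ip_network(a.cidr).overlaps(ipaddress.ip_network(b.cidr))


def observed_source(client: Instance, via_peering: bool) -> str:
    """Over peering the private source IP is preserved; over the internet it is not."""
    return client.private_ip if via_peering else client.public_ip


def ingress_matches(rule_cidr: str, source_ip: str, port: int, rule_port: int = SSH_PORT) -> bool:
    """A security group rule matches the source address on the wire, not the origin VPC."""
    return port == rule_port and ipaddress.ip_address(source_ip) in ipaddress.ip_network(rule_cidr)


def diagnose(server_vpc: Vpc, client: Instance, rule_cidr: str, peering_established: bool) -> str:
    """Explain why SSH from `client` to a server in `server_vpc` does or does not pass the rule."""
    if not peering_established:
        # The only path is the internet, so the packet arrives from the public
        # address; a private-CIDR rule never matches it (the asker's situation).
        if ingress_matches(rule_cidr, observed_source(client, via_peering=False), SSH_PORT):
            return "ok-via-public-ip"
        return "no-peering"
    if not can_peer(server_vpc, client.vpc):
        return "cidr-overlap"  # the peering request could not have been accepted
    if not ingress_matches(rule_cidr, observed_source(client, via_peering=True), SSH_PORT):
        return "rule-mismatch"
    return "ok-via-private-ip"


# Constructed sample topology: the server's VPC in one region, the client's VPC
# in another, first with the identical CIDR the asker observed, then a new one.
SERVER_VPC = Vpc("server-vpc", "eu-west-1", "10.0.0.0/16")
CLIENT_VPC_SAME = Vpc("client-vpc", "us-east-1", "10.0.0.0/16")
CLIENT_VPC_NEW = Vpc("client-vpc-2", "us-east-1", "10.1.0.0/16")
CLIENT = Instance(CLIENT_VPC_NEW, private_ip="10.1.0.10", public_ip="203.0.113.5")


if __name__ == "__main__":
    print("same CIDR can peer:", can_peer(SERVER_VPC, CLIENT_VPC_SAME))
    print("new CIDR can peer: ", can_peer(SERVER_VPC, CLIENT_VPC_NEW))
    for peered in (False, True):
        print(f"peering={peered}:", diagnose(SERVER_VPC, CLIENT, CLIENT_VPC_NEW.cidr, peered))
```

Beyond what the model shows, a working setup also needs a route to the peer CIDR via the peering connection in the route tables on both sides, and network ACLs that allow the traffic; the security group rule alone is never sufficient.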
