
How to Block an IP Address in AWS

Two tools can be used to block an IP address in AWS: a network ACL or a security group. A network Access Control List (ACL) is an ordered list of rules that allow or deny traffic from IP address ranges, whereas security groups contain only allow rules and are therefore used to admit traffic from particular IP addresses. In this post, we will discuss both methods in the following order:

  • Using a Network ACL to Block an IP Address in AWS
  • Using Security Groups to Block an IP Address in AWS

Let’s learn how to block an IP address in AWS using the network ACL method.

Using a Network ACL to Block an IP Address in AWS

To block an IP address with a network ACL, first select the instance by clicking on it in the EC2 console. All the information about the selected instance will be shown below it. Click the “Subnet ID” link to open the subnet whose network ACL you will edit:

On the “Subnets” page, select your subnet from the list. In its details, open the “Network ACL” tab and then click the “Network ACL” link:

On the Network ACL page, click the “Edit inbound rules” button in the “Inbound rules” section:

After clicking the “Edit inbound rules” button, you will be directed to the rules page. Here you can add a rule to block any IP address.

  • Click the “Add new rule” button
  • A new row will appear; set the rule’s values in that row according to your requirements
  • Enter the IP address or CIDR range you want to block in the “Source” cell
  • Select “Deny” in the “Allow/Deny” cell to block the address
  • Click the “Save changes” button to apply the rule:

On the “Network ACLs” page, you can see that “Rule number” 90 has been added to the “Inbound rules” section. The rule blocks the IP address range 17.0.0.0/8 from sending any kind of traffic to the selected instance. The rule number matters: network ACL rules are evaluated in ascending order and the first match wins, so the deny must have a lower number than any broader allow rule (such as the default network ACL’s rule 100, which allows all traffic), or it will never take effect:

You have successfully blocked an IP address using Network ACL in AWS.
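The following is an added example, not code from the original post or from AWS. It models the network ACL evaluation order described above (ascending rule number, first match wins, the final “*” rule denies everything else) and includes a small check for deny rules that a lower-numbered allow rule already shadows. The rule tables are constructed to mirror the post: rule 90 denies 17.0.0.0/8 ahead of a rule 100 that allows everything; the mis-ordered table is a constructed counter-example.

```python
"""Model of how an AWS network ACL evaluates inbound rules.

Added example, not code from the original post or from AWS. Semantics
modelled: rules are checked in ascending rule-number order, the first rule
that matches decides, and the catch-all "*" rule denies anything no numbered
rule matched.
"""
import ipaddress
from dataclasses import dataclass

STAR = "*"  # AWS shows the immutable final deny rule with this "number"


@dataclass(frozen=True)
class NaclRule:
    number: int      # 1..32766; evaluated in ascending order
    protocol: str    # "all", "tcp", "udp", "icmp", ...
    port_from: int
    port_to: int
    source: str      # CIDR the packet's source address must fall in
    action: str      # "allow" or "deny"

    def matches(self, src_ip: str, protocol: str, port: int) -> bool:
        """True if this rule applies to a packet from src_ip, protocol:port."""
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.source):
            return False
        if self.protocol == "all":
            return True  # protocol "all" ignores the port range
        return self.protocol == protocol and self.port_from <= port <= self.port_to


# Constructed to match the post: deny 17.0.0.0/8 at 90, allow-all at 100.
INBOUND_RULES = [
    NaclRule(100, "all", 0, 65535, "0.0.0.0/0", "allow"),
    NaclRule(90, "all", 0, 65535, "17.0.0.0/8", "deny"),
]

# Constructed counter-example: the same deny numbered *after* the allow-all.
MISORDERED_RULES = [
    NaclRule(100, "all", 0, 65535, "0.0.0.0/0", "allow"),
    NaclRule(110, "all", 0, 65535, "17.0.0.0/8", "deny"),
]


def evaluate(rules, src_ip: str, protocol: str, port: int):
    """Return (action, rule_number) of the first matching rule, else ("deny", "*")."""
    for rule in sorted(rules, key=lambda r: r.number):
        if rule.matches(src_ip, protocol, port):
            return rule.action, rule.number
    return "deny", STAR


def shadowed_denies(rules):
    """Numbers of deny rules that can never fire because a lower-numbered
    allow rule already covers their whole source range and protocol/ports."""
    ordered = sorted(rules, key=lambda r: r.number)
    shadowed = []
    for i, deny in enumerate(ordered):
        if deny.action != "deny":
            continue
        deny_net = ipaddress.ip_network(deny.source)
        for allow in ordered[:i]:
            if allow.action != "allow":
                continue
            covers_net = ipaddress.ip_network(allow.source).supernet_of(deny_net)
            covers_proto = allow.protocol == "all" or (
                allow.protocol == deny.protocol
                and allow.port_from <= deny.port_from
                and allow.port_to >= deny.port_to
            )
            if covers_net and covers_proto:
                shadowed.append(deny.number)
                break
    return shadowed


if __name__ == "__main__":
    print(evaluate(INBOUND_RULES, "17.1.2.3", "tcp", 443))     # ('deny', 90)
    print(evaluate(INBOUND_RULES, "203.0.113.7", "tcp", 443))  # ('allow', 100)
    print(evaluate(MISORDERED_RULES, "17.1.2.3", "tcp", 443))  # ('allow', 100)
    print(shadowed_denies(MISORDERED_RULES))                   # [110]
```

Running `shadowed_denies` over a rule set before saving it is the check that catches the common mistake of appending a deny after an allow-all: the deny is accepted by the console but never matches a packet.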

Using Security Groups to Block an IP Address in AWS

You cannot directly block an IP address in AWS using security groups, because security groups have allow rules only. Instead, you create a list of allowed IP addresses, and every other address is blocked implicitly. To do that, open the security group rules of the instance and click the “Edit inbound rules” button.

From there, repeat the rule-adding process described above, this time allowing the IP address you trust. By allowing only that one IP address, you have blocked all other IP addresses from sending any kind of traffic to the instance; this holds only as long as no broader allow rule (for example one with source 0.0.0.0/0) remains in the group.

You have successfully blocked IP addresses using security groups.
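The following is an added example, not code from the original post or from AWS. It models security-group inbound evaluation (allow rules only, unordered, a packet is admitted if any rule matches) and shows why a leftover broad rule defeats the allow-list approach. The rule sets and the address 203.0.113.10 are constructed for illustration.

```python
"""Model of AWS security-group inbound evaluation.

Added example, not code from the original post or from AWS. Security groups
hold allow rules only and are not ordered: a packet is admitted if any rule
matches and dropped otherwise. "Blocking" an address therefore means making
sure that no allow rule still covers it.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SgRule:
    protocol: str   # "tcp", "udp", "icmp", or "-1" for all traffic (AWS notation)
    port_from: int
    port_to: int
    source: str     # CIDR

    def matches(self, src_ip: str, protocol: str, port: int) -> bool:
        """True if this allow rule covers a packet from src_ip, protocol:port."""
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.source):
            return False
        if self.protocol == "-1":
            return True  # all traffic, port range ignored
        return self.protocol == protocol and self.port_from <= port <= self.port_to


# Constructed: only the one trusted address may reach SSH.
ALLOWLIST_ONLY = [SgRule("tcp", 22, 22, "203.0.113.10/32")]

# Constructed failure mode: the trusted-address rule was added but the
# "anywhere" rule for the same port was never removed.
WITH_LEFTOVER = ALLOWLIST_ONLY + [SgRule("tcp", 22, 22, "0.0.0.0/0")]


def admitting_rules(rules, src_ip: str, protocol: str, port: int):
    """Sources of every rule that would admit the packet; empty means dropped."""
    return [r.source for r in rules if r.matches(src_ip, protocol, port)]


def sg_allows(rules, src_ip: str, protocol: str, port: int) -> bool:
    """Union semantics: admitted if at least one allow rule matches."""
    return bool(admitting_rules(rules, src_ip, protocol, port))


def rules_wider_than(rules, intended_cidr: str):
    """Sources of rules whose range is not contained in intended_cidr, i.e.
    rules that admit addresses you meant to block."""
    intended = ipaddress.ip_network(intended_cidr)
    return [r.source for r in rules
            if not ipaddress.ip_network(r.source).subnet_of(intended)]


if __name__ == "__main__":
    print(sg_allows(ALLOWLIST_ONLY, "203.0.113.10", "tcp", 22))   # True
    print(sg_allows(ALLOWLIST_ONLY, "17.1.2.3", "tcp", 22))       # False
    print(admitting_rules(WITH_LEFTOVER, "17.1.2.3", "tcp", 22))  # ['0.0.0.0/0']
    print(rules_wider_than(WITH_LEFTOVER, "203.0.113.10/32"))     # ['0.0.0.0/0']
```

`rules_wider_than` is the review step that belongs after editing the group: if it returns anything, the “block everything else” goal is not met, regardless of which specific address was allowed.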

Conclusion

You need to edit the network ACL or security group rules to block an IP address in AWS. In both cases the rules are changed through the “Edit inbound rules” button. By adding a network ACL deny rule, you set the source IP address that is blocked from sending any traffic. Security groups, on the other hand, only have allow rules: adding a rule allows the specific IP address and everything else stays blocked. Rules can be added and deleted at any time according to requirements. In this post, you have learned how to block an IP address in AWS using network ACLs and security groups.

About the author

Abdul Mannan

I am curious about technology and writing and exploring it is my passion. I am interested in learning new skills and improving my knowledge and I hold a bachelor's degree in computer science.