What is 'Custom TCP' in AWS security group?


When I set an inbound rule in a security group for an AWS EC2 like this:

So source type says that only traffic from my computer is to be allowed and only port 8080 in EC2 instance is to be made accessible.

What does the ‘Type’ field here mean when I set it as ‘Custom TCP’? I see other values for this field, like HTTP, HTTPS, NFS, RDS, Postgres, SSH etc., which basically define the protocol type (if I am not wrong). What does Custom TCP define?

>Solution :

Custom TCP just means you can manually type in a port number to open in the AWS firewall. Use this when you need to open a port that doesn’t correspond to a commonly used service. For example, ssh typically uses TCP port 22, and ssh is a program/protocol most AWS system administrators will use, so there is a dropdown option for ssh as a convenience that automatically enters TCP as the protocol and 22 as the port to open for data to flow to your EC2 instance.

You could alternately select "Custom TCP (port)" and manually enter 22, but then you might give it a name in one security group like "Forward 22 for SSH" and in another security group "open ssh"… Using the dropdown’s SSH option provides consistency/readability in your security group rules.

IANA maintains a port number registry for common ports, but this list is much larger than AWS is likely to use for their dropdown menu. The options AWS presents are just enough to provide convenience for the most commonly used protocols when you’re setting up forwarding rules.
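The point above, as an added Python example that is not part of the original answer: in the `IpPermissions` shape used by the EC2 API a rule carries only protocol, port range and sources, so an "SSH" rule and a "Custom TCP" rule on port 22 are the same rule. The group names, CIDR, descriptions and the `PRESETS` subset are constructed for illustration.

```python
from collections import defaultdict

# Assumed subset of the dropdown presets named on this page (well-known TCP ports).
PRESETS = {22: "SSH", 80: "HTTP", 443: "HTTPS", 2049: "NFS", 5432: "PostgreSQL"}

# Constructed sample data in the IpPermissions shape of DescribeSecurityGroups.
GROUPS = {
    "sg-web": [
        # Created with the "SSH" dropdown option
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32", "Description": "open ssh"}]},
        # Created with "Custom TCP" and port 8080, as in the question
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "IpRanges": [{"CidrIp": "203.0.113.10/32", "Description": "app"}]},
    ],
    "sg-db": [
        # Created with "Custom TCP" and 22 typed in by hand
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32",
                       "Description": "Forward 22 for SSH"}]},
    ],
}

def type_label(key):
    """Name a rule as the dropdown would: the preset if its single port has one."""
    proto, lo, hi, _cidr = key
    if proto != "tcp":
        return "non-TCP"
    return PRESETS[lo] if lo == hi and lo in PRESETS else "Custom TCP"

def equivalent_rules(groups):
    """Map each effective rule (protocol, ports, source) to where it is defined."""
    seen = defaultdict(list)
    for group, perms in groups.items():
        for perm in perms:
            for rng in perm.get("IpRanges", []):
                key = (perm["IpProtocol"], perm.get("FromPort"),
                       perm.get("ToPort"), rng["CidrIp"])
                seen[key].append((group, rng.get("Description", "")))
    return dict(seen)

if __name__ == "__main__":
    for key, places in equivalent_rules(GROUPS).items():
        proto, lo, hi, cidr = key
        print(f"{type_label(key):<10} {proto}/{lo}-{hi} from {cidr}")
        for group, desc in places:
            print(f"    {group}: {desc!r}")
```

Rules that share a key but carry different descriptions are the inconsistency the answer warns about; the description is the only field that differs between them.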
