ssh still active while port closed on AWS EC2


Why can I keep ssh open while closing all ports on an AWS EC2 instance?

I created an AWS EC2 instance with a security group and an ssh key for access.
In that security group I opened port 22 in inbound rules and ssh ubuntu@<ip> to that instance.
Now, I edit the security group and close all ports in inbound rules.
The ssh session is still active and I can still run commands on the EC2 instance.
Only when I exit and try to reconnect, the instance ignores me.
Can somebody explain how that’s possible?
So I can’t cancel active ssh sessions by changing security groups?

Solution:

From Security group connection tracking:

When you change a security group rule, its tracked connections are not immediately interrupted. The security group continues to allow packets until existing connections time out.
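
The behaviour quoted above can be reproduced with a simplified model of a stateful filter. This is an added example, not code from the original post or from AWS; the class name, the addresses and the idle timeout value are assumptions made for the demonstration.

```python
IDLE_TIMEOUT = 300  # seconds; constructed value for the demo, not an AWS figure


class SecurityGroupModel:
    """Toy stateful filter: inbound rules plus a table of tracked flows."""

    def __init__(self, open_ports):
        self.open_ports = set(open_ports)
        self.tracked = {}  # (src, sport, dport) -> time the flow was last seen

    def inbound(self, src, sport, dport, now, syn=False):
        """Return True if a packet arriving at time `now` is allowed."""
        flow = (src, sport, dport)
        last = self.tracked.get(flow)
        if last is not None and now - last <= IDLE_TIMEOUT:
            # Tracked flow: allowed from the connection table,
            # the inbound rules are not consulted again.
            self.tracked[flow] = now
            return True
        self.tracked.pop(flow, None)  # entry expired (or never existed)
        if syn and dport in self.open_ports:
            # Only a new connection attempt is checked against the rules.
            self.tracked[flow] = now
            return True
        return False


def demo():
    sg = SecurityGroupModel(open_ports={22})
    client = "203.0.113.10"  # documentation-range address, constructed
    results = {}
    results["connect"] = sg.inbound(client, 50000, 22, now=0, syn=True)
    sg.open_ports.clear()  # the rule edit: every inbound port closed
    results["existing_session"] = sg.inbound(client, 50000, 22, now=60)
    results["new_session"] = sg.inbound(client, 50001, 22, now=61, syn=True)
    results["after_idle_timeout"] = sg.inbound(
        client, 50000, 22, now=60 + IDLE_TIMEOUT + 1
    )
    return results


if __name__ == "__main__":
    for step, allowed in demo().items():
        print(f"{step:20} {'ALLOW' if allowed else 'DROP'}")
```

The established session keeps passing after the rule is removed, the reconnect attempt is dropped, and the old flow is dropped once its table entry has timed out.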
