If you are using AWS EC2 Windows instances, you are most likely using RDP to get a remote desktop connection to your instance. In this tutorial, I will show you how to allow only certain IPs for RDP connections: how to allow a single IP or multiple IPs for AWS RDP connections, including how to allow your own IP to connect to your EC2 instance.
Why do we need to allow certain IPs to AWS EC2 RDP
Everyone nowadays is using cloud services. As services and technologies grow, spamming and hacking attacks grow too, even faster. To protect your instances, allow only those IPs which are authorized. For this, you need to set up the IPs in the security groups connected to your EC2 instance.
Before going through the steps to configure security groups, let's learn a bit about what AWS Security Groups are.
What are the AWS Security Groups
AWS security groups (SGs) are connected with EC2 instances, providing security at the port access level and protocol level. This is defined in each security group.
Each security group works as a firewall and contains a set of rules to filter incoming traffic and also the traffic going out of the connected EC2 instance. Unlike network access control lists, AWS security groups have no “Allow/Deny” rules: every rule permits traffic and is based on protocol and ports. If there is no rule defined specifically for a particular data packet, then the packet will be dropped.
To maintain the restriction of access at the protocol and port level, you should always restrict access with your EC2 Security Groups.
How to allow certain IP to AWS EC2 Security Groups
To allow access at the port and protocol level on an AWS EC2 instance, we need to set rules in security groups. Each rule is dedicated to a certain port and protocol, depending on the type of access and restriction.
We can allow access for any IP, whether it belongs to somebody else or to your current connection. Here I will cover the Remote Desktop Protocol (RDP) rule. First I will show how to add your own IP (the IP of your current connection), then explain how to add any other IP to the security group.
How to allow your IP to AWS Security Group (RDP)
Below are the steps to allow your current IP for AWS RDP (Remote Desktop Connection).
#1. Log in and select the EC2 instance
First, log in to your AWS console to access your EC2 instance and add rules in your AWS Security Groups.
After you log in, go to EC2 by clicking on EC2 in All / Recent Services. This will take you to a window with two panes.
#2. Access security groups
In the left sidebar, scroll down to see the security groups link. Click on security groups; this will take you to the security groups window where all the groups are listed.
Another way to access security groups: click on the instance you want to configure. In the panel below, you can see the associated security group name. Click on that name and it will take you to that particular group.
#3. Change the Inbound Rules to allow Access
Click on the Inbound tab and then click on the edit button. It opens a form that allows editing the rules for incoming connections to the EC2 instance.
#4. Allow Your IP to connect AWS RDP
- Click on Add Rule and select RDP in Type. It will auto-select the Protocol and Port range.
- Now, in Source, select My IP. When you select this option, the respective column will be filled with the value of your IP. For example 127.00.00.00/32
- If you want to add a description, you can add one. Save the rule, and you can now access RDP from this IP.
If you want to add some teammates or other IPs, you can do the same steps.
How to allow another IP to AWS Security Group for RDP
Repeat Steps #1, #2 and #3. Then, in step #4, select Custom in the Source section and enter the IP you want to allow, followed by “/32”. For example 127.00.00.00/32 or 156.23.xx.xx/32.
This will allow that IP to connect to that instance over RDP. If you found this tutorial helpful, please share it. If you have any doubts, comment below.
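The same rule as data, as an added example that is not part of the original tutorial: the first function builds the inbound RDP rule from a list of single IPs, and the second checks a group's existing rules for RDP sources broader than one host. The dictionary shape follows the EC2 `IpPermissions` structure; the sample group, its ID and the addresses (documentation ranges) are constructed.

```python
import ipaddress

RDP_PORT = 3389  # the console's "RDP" rule type: TCP 3389

def rdp_ingress_rule(sources):
    """Build an IpPermissions entry that allows RDP from single hosts only."""
    ranges = []
    for addr, description in sources:
        cidr = addr if "/" in addr else addr + "/32"
        net = ipaddress.ip_network(cidr)  # raises ValueError on malformed input
        if net.version != 4 or net.prefixlen != 32:
            raise ValueError(f"{addr}: expected one IPv4 host (/32)")
        ranges.append({"CidrIp": str(net), "Description": description})
    return {"IpProtocol": "tcp", "FromPort": RDP_PORT,
            "ToPort": RDP_PORT, "IpRanges": ranges}

def wide_rdp_sources(group):
    """Return sources on RDP-covering rules that are broader than one host."""
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        covers = proto == "-1" or (  # "-1" means all protocols and ports
            proto == "tcp"
            and perm.get("FromPort", 0) <= RDP_PORT <= perm.get("ToPort", 65535))
        if not covers:
            continue
        for key, field in (("IpRanges", "CidrIp"), ("Ipv6Ranges", "CidrIpv6")):
            for entry in perm.get(key, []):
                net = ipaddress.ip_network(entry[field], strict=False)
                if net.prefixlen < net.max_prefixlen:
                    findings.append(entry[field])
    return findings

# Constructed sample in the shape of a describe-security-groups result.
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",  # placeholder, not a real group
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}, {"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}

if __name__ == "__main__":
    rule = rdp_ingress_rule([("203.0.113.10", "office"),
                             ("198.51.100.7/32", "teammate")])
    print(rule)
    # With boto3, the rule could be applied with (group ID is a placeholder):
    # ec2.authorize_security_group_ingress(GroupId="sg-EXAMPLE", IpPermissions=[rule])
    print(wide_rdp_sources(SAMPLE_GROUP))
```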