Is it worth installing UFW on an AWS EC2 instance?

amazon-web-services firewall amazon-ec2 ufw

I would usually run UFW on servers I deploy, however I've just started using AWS and I see they already provide a firewall, allowing to set inbound/outbound rules, etc.

So I'm wondering if it's ever useful to have both the AWS firewall and UFW running at the same time? Or can I drop UFW altogether?


Solution 1:

As AWS provides firewall/Security groups which are very efficient, I would say and advocate that it is not required to have a additional firewall program such as UFW.

Also, having the UFW would also tend to cause confusion wrt priority of the rules when we have the set up of firewall/iptables/UFW all together which could be understood by referring the following posts.

  1. How to deny IP ranges with ufw?

  2. https://stackoverflow.com/questions/57436758/does-ubuntu-ufw-overrides-amazon-ec2s-security-groups-and-rules

Please update if you have any further queries.

Related

How to minimize ecs autoscaling reaction time from terraform?
How to LTS for new Ubuntu users?
Yahoo Mail: "No mx record found for domain"
DMARC report with passing O365 DKIM signature being sent by Google server
Enable logical replication on Google Cloud Postgres
Can a Second-level domain be considered as a Fully-qualified domain?
ssh spammed from 127.0.0.1 (“Did not receive identification string” and “Bad protocol version identification”)
Nginx handle SSL and proxy pass to HTTP backend in docker but tries to keep serving local content
command "docker compose up" not found in azure aci
AWS Client VPN SSO SAML Linux client
nginx redirecting to localhost
How do I set up a Minecraft server on a specific port?