...
Security Group
...
Description
...
Ports
...
Details
...
Admin
...
CHF-Access-Web
...
CHF internal web access
...
80, 443
...
Allows a list of employees to connect to 80 and 443. This is not being applied to any machines; both staging and production ASpace already allow access to those two ports via Public-Access-Web.
...
...
internal-networking-production
...
Access between production machines
...
8080, 8983, 6379, 5432, 19999
...
All Samvera machines needed to be members of this group to communicate with each other.
Port 8080 is Fedora, 8983 is Solr, 6379 is Redis, 5432 is Postgres, 19999 is netdata for monitoring.
...
...
internal-networking-staging
...
Access between staging machines
...
8080, 8983, 6379, 5432, 19999
...
All Samvera machines needed to be members of this group to communicate with each other.
Port 8080 is Fedora, 8983 is Solr, 6379 is Redis, 5432 is Postgres, 19999 is netdata for monitoring.
...
In addition there is a default security group that appears unused, but cannot be deleted.
When a machine has multiple security groups, as long as any one of the groups allows access the connection will work through the firewall. Anything not covered will be rejected however.
...