Skip to content

Revert "[Security] Scoped down the network access to managed EFS and FSx storage #7206

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
gmarciani merged 1 commit into from
Jan 22, 2026
Merged

Revert "[Security] Scoped down the network access to managed EFS and FSx storage #7206

gmarciani merged 1 commit into from
Jan 22, 2026

Conversation

@gmarciani
Copy link
Contributor

@gmarciani gmarciani commented Jan 22, 2026

Description of changes

This reverts #7193

We need to revert this commit because the scope down causes cluster creation failure.
The failure occurs on "large cluster" because the shared storage security group ends up with too many rules, which are increased by the scope down. This causes quota exceeded for sg rules (max: 60 rules / SG)

In particular it fails when we set 10 login pool, 50 queues, each using a different custom security group.

Tests

This is a plain revert, unit tests are enough

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@gmarciani
Revert "[Security] Scoped down the network access to managed EFS and …
ecdb8f0 
…FSx storage"

This reverts commit c3398ca.

We needed to revert this commit because the scope down causes cluster creation failure
because of security group rules quota being exceeded on shared srtorage security group
on big cluster configuration.
In particular it fails when we set 10 login pool, 50 queues, each using a different
custom security group.
@gmarciani gmarciani requested review from a team as code owners January 22, 2026 15:40
@gmarciani gmarciani enabled auto-merge (rebase) January 22, 2026 15:41
@gmarciani gmarciani merged commit 41edb3c into aws:develop Jan 22, 2026
42 of 43 checks passed
@gmarciani gmarciani deleted the wip/mgiacomo/3150/revert-storage-sg-rules-0122-1 branch January 22, 2026 17:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hanwen-cluster hanwen-cluster hanwen-cluster approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gmarciani @hanwen-cluster