mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
35 lines
1.6 KiB
Plaintext
35 lines
1.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * installing/installing_aws/installing-aws-vpc.adoc
|
|
// * installing/installing_aws/installing-aws-private.adoc
|
|
// * installing/installing_aws/installing-aws-government-region.adoc
|
|
// * installing/installing_aws/installing-aws-secret-region.adoc
|
|
// * installing/installing_aws/installing-aws-china.adoc
|
|
// * installing/installing_aws/installing-aws-localzone.adoc
|
|
// * installing/installing_aws/installing-aws-outposts-remote-workers.adoc
|
|
|
|
ifeval::["{context}" == "installing-aws-localzone"]
|
|
:localzone:
|
|
endif::[]
|
|
|
|
:_mod-docs-content-type: CONCEPT
|
|
[id="installation-aws-security-groups_{context}"]
|
|
= Optional: AWS security groups
|
|
|
|
By default, the installation program creates and attaches security groups to control plane and compute machines. The rules associated with the default security groups cannot be modified.
|
|
|
|
However, you can apply additional existing AWS security groups, which are associated with your existing VPC, to control plane and compute machines. Applying custom security groups can help you meet the security needs of your organization, in such cases where you need to control the incoming or outgoing traffic of these machines.
|
|
|
|
As part of the installation process, you apply custom security groups by modifying the `install-config.yaml` file before deploying the cluster.
|
|
|
|
ifndef::localzone[]
|
|
For more information, see "Applying existing AWS security groups to the cluster".
|
|
endif::localzone[]
|
|
ifdef::localzone[]
|
|
For more information, see "Edge compute pools and AWS Local Zones".
|
|
endif::localzone[]
|
|
|
|
ifeval::["{context}" == "installing-aws-localzone"]
|
|
:!localzone:
|
|
endif::[]
|