security-groups-do-not-filter-dns-dhcp-metadata

Status: IN

Security groups do not filter traffic to/from Amazon DNS, DHCP, EC2 instance metadata (169.254.169.254), ECS task metadata, Windows license activation, Time Sync Service, or default VPC router reserved IPs.

Source: entries/2026/03/08/vpc-security-groups.md

JSON