Tags: amazon-web-services, amazon-ec2, aws-security-group, whitelist, amazon-waf

How to whitelist a large list of IP addresses on AWS EC2 instances?


I have a large list of IPs (>100) that need to be whitelisted for both inbound and outbound communication on EC2 instances. Is there a way to whitelist them collectively? (The IPs also don't belong to a range and are discontinuous.) We are currently using security groups for whitelisting IPs, but I couldn't find an easy way to whitelist a large collection of IPs.

PS: I tried exploring IP sets in AWS WAF, but it requires setting up an application load balancer. Additionally, since we are already using security groups, blocking IPs at the application layer (via WAF) will also block IPs that are already whitelisted at the EC2 level.

Thanks in Advance!


Solution

  • You can use managed prefix lists, which make it easier to configure and maintain your security groups.

    Keep in mind that every entry in the prefix list counts as a rule in your SG, so you will probably need to request an increase of the default quota (60 inbound and 60 outbound rules per security group).
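A small planning script for the approach the answer describes, added here as an illustration; it is not code from the question, the answer or AWS. It normalizes a raw address list into the `Entries` shape that boto3's `create_managed_prefix_list` takes (collapsing adjacent hosts into larger CIDRs so fewer entries are consumed), builds the security-group rule that references the prefix list, and checks the result against the 60-rule default quota the answer mentions, using AWS's documented accounting where a referenced prefix list counts as its `MaxEntries` rules. The prefix-list id `pl-EXAMPLE`, the sample addresses and the 60-rule figure are assumptions/constructed values; nothing here calls AWS.

```python
import ipaddress
from typing import Dict, Iterable, List

# Default per-security-group rule quota quoted in the answer (assumption: still 60/60).
DEFAULT_SG_RULE_QUOTA = 60

# Constructed sample input: a /26 worth of contiguous hosts, a duplicate with stray
# whitespace, an explicit /32 and one discontinuous neighbour.
SAMPLE_IPS = (
    [f"198.51.100.{i}" for i in range(64)]
    + ["203.0.113.7", " 203.0.113.7 ", "192.0.2.200/32", "192.0.2.201"]
)


def normalize_cidrs(ips: Iterable[str]) -> List[str]:
    """Validate each entry, turn bare IPv4 hosts into /32s, drop duplicates and
    collapse adjacent blocks into the smallest covering set of CIDRs."""
    nets = set()
    for raw in ips:
        raw = raw.strip()
        if not raw:
            continue
        net = ipaddress.ip_network(raw, strict=False)  # raises ValueError on junk
        if net.version != 4:
            raise ValueError(f"only IPv4 is handled in this example: {raw}")
        nets.add(net)
    # collapse_addresses merges e.g. 198.51.100.0/32 .. .63/32 into 198.51.100.0/26
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def build_prefix_list_request(name: str, cidrs: List[str], headroom: int = 0) -> Dict:
    """Keyword arguments for ec2.create_managed_prefix_list (boto3 parameter names).
    MaxEntries is what the security group will be charged for, so only add headroom
    you really expect to use."""
    entries = [{"Cidr": c, "Description": "allow-listed partner address"} for c in cidrs]
    return {
        "PrefixListName": name,
        "AddressFamily": "IPv4",
        "MaxEntries": len(entries) + headroom,
        "Entries": entries,
    }


def build_sg_rule(prefix_list_id: str, protocol: str, port: int) -> Dict:
    """One IpPermissions element referencing the prefix list; usable with both
    authorize_security_group_ingress and authorize_security_group_egress."""
    return {
        "IpProtocol": protocol,
        "FromPort": port,
        "ToPort": port,
        "PrefixListIds": [{"PrefixListId": prefix_list_id, "Description": "partner allow list"}],
    }


def rules_after_adding(existing_rules: int, max_entries: int) -> int:
    """A prefix-list reference counts as MaxEntries rules against the SG quota
    (AWS documented accounting), on top of the rules already present."""
    return existing_rules + max_entries


def fits_quota(existing_rules: int, max_entries: int, quota: int = DEFAULT_SG_RULE_QUOTA) -> bool:
    return rules_after_adding(existing_rules, max_entries) <= quota


if __name__ == "__main__":
    cidrs = normalize_cidrs(SAMPLE_IPS)
    req = build_prefix_list_request("partner-allow-list", cidrs, headroom=5)
    print(f"{len(SAMPLE_IPS)} raw addresses -> {len(cidrs)} prefix-list entries: {cidrs}")
    print("create_managed_prefix_list(**req) where req =", req)
    print("ingress rule:", build_sg_rule("pl-EXAMPLE", "tcp", 443))
    for direction, existing in (("inbound", 10), ("outbound", 10)):
        ok = fits_quota(existing, req["MaxEntries"])
        print(f"{direction}: {rules_after_adding(existing, req['MaxEntries'])} rules, "
              f"{'within' if ok else 'EXCEEDS'} default quota of {DEFAULT_SG_RULE_QUOTA}")
```

The collapse step is what keeps the quota manageable: 68 raw strings become three entries here, and the quota check is done on `MaxEntries` rather than on the raw address count, which is the number AWS actually charges to the security group. Run it as-is to see the request shapes; wiring it to boto3 is a matter of passing `req` and the rule dict to the corresponding `ec2` client calls.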