To control network traffic at the individual User VM (UVM) subnet level, creating a custom security
group is the appropriate action. This approach allows for fine-grained control over inbound and
outbound traffic rules that can be applied to specific subnets or individual instances within those
subnets.
Custom Security Group:
Custom security groups enable administrators to define specific traffic rules tailored to the needs of
individual subnets or VMs. This includes specifying allowed IP ranges, ports, and protocols.
By applying these custom security groups to the UVMs, the organization can control access and
enhance security according to its policies and requirements.
Steps to Create a Custom Security Group:
1. Navigate to the AWS Management Console and go to the VPC service.
2. Select "Security Groups" under the "Security" section.
3. Click on "Create Security Group" and define the name, description, and VPC.
4. Add inbound and outbound rules according to the desired traffic control policies.
5. Attach the custom security group to the UVMs or subnets in question.
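An added example, not part of the original answer or of any Nutanix or AWS documentation: a Python check that audits the inbound rules of a custom security group against the IP ranges and ports the policy is meant to allow. The rule list uses the IpPermissions shape that AWS returns for a security group; the sample rules, the CIDRs and the function name audit_ingress are constructed for illustration.

```python
import ipaddress

# Constructed sample in the IpPermissions shape AWS returns for a security
# group (for example from `aws ec2 describe-security-groups`). Values are made up.
SAMPLE_INGRESS = [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.20.30.0/24"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.20.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 9000,
     "IpRanges": [{"CidrIp": "10.20.30.16/28"}]},
]


def audit_ingress(ip_permissions, allowed_sources, allowed_ports):
    """Return (rule_index, problem) pairs for rules wider than the policy.

    Only IPv4 CIDR sources (IpRanges) are checked; Ipv6Ranges and
    security-group references (UserIdGroupPairs) are out of scope here.
    """
    nets = [ipaddress.ip_network(c) for c in allowed_sources]
    findings = []
    for i, rule in enumerate(ip_permissions):
        proto = rule["IpProtocol"]
        if proto == "-1":  # "-1" means every protocol and every port
            findings.append((i, "all protocols and ports allowed"))
        elif proto in ("tcp", "udp"):
            lo, hi = rule["FromPort"], rule["ToPort"]
            if not set(range(lo, hi + 1)) <= set(allowed_ports):
                findings.append((i, f"ports {lo}-{hi} outside allowed set"))
        else:
            findings.append((i, f"protocol {proto} not covered by policy"))
        for entry in rule.get("IpRanges", []):
            src = ipaddress.ip_network(entry["CidrIp"])
            if not any(src.subnet_of(n) for n in nets):
                findings.append((i, f"source {src} outside allowed ranges"))
    return findings


if __name__ == "__main__":
    for idx, problem in audit_ingress(SAMPLE_INGRESS, ["10.20.30.0/24"], {22, 443}):
        print(f"rule {idx}: {problem}")
```

Running the same check on the outbound rules (IpPermissionsEgress) covers the other half of the policy.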