Which one is a secure way to configure that the instance can be accessed only from this IP?
In the security group, open port 22 for IP 10.20.30.40
In the security group, open port 22 for IP 10.20.30.0
In the security group, open port 22 for IP 10.20.30.40/32
In the security group, open port 22 for IP 10.20.30.40/0
Explanations:
Opening port 22 for IP 10.20.30.40 allows access only from that specific IP, but it is not the correct CIDR notation. It needs to specify a subnet mask for a single IP address.
Opening port 22 for IP 10.20.30.0 allows access to all IP addresses within the subnet (10.20.30.0/24), which is not secure as it includes many more addresses than intended.
Opening port 22 for IP 10.20.30.40/32 allows access specifically from that one IP address only, making it a secure configuration. The /32 CIDR notation denotes a single IP address.
Opening port 22 for IP 10.20.30.40/0 is incorrect as it allows access from all IP addresses (10.20.30.0/0 encompasses all possible IPs), compromising security.