Jayz

Reputation: 1174

In AWS, how to configure a web server security group to only accept traffic from the load balancer?

How to configure the web server SG to only accept traffic from the load balancer in AWS?

Currently, my EC2 instance's security group has an inbound rule added like this:

Type  Protocol  Port Range  Source
HTTP  TCP       80          Anywhere (0.0.0.0/0)

This works fine, though I am not sure if all my requests are intercepted by the load balancer (Elastic Beanstalk). If I change the Source in inbound rules to point to the load balancer security group, it stops working.

What is the correct way to configure this so that web servers take requests only from the load balancer?

Upvotes: 0

Views: 1172

Answers (1)

Marc Young

Reputation: 4012

Put the load balancer in security group a (say sg-a). Put the instance in the same security group (or a different one) and allow traffic from sg-a on port 80.

Load balancers talk to the instance on its internal address, which allows you to allow traffic from one security group to another.

Upvotes: 1
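Added example (not part of the question or answer above): a check that an instance security group admits port 80 only from the load balancer's group, run over data in the shape returned by `aws ec2 describe-security-groups`. The group IDs and the sample JSON are constructed placeholders; `LB_SG` stands in for the answer's sg-a.

```python
import json

LB_SG = "sg-0aaaaaaaaaaaaaaaa"  # hypothetical load balancer group ("sg-a" in the answer)

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE = json.loads("""
{"SecurityGroups": [
  {"GroupId": "sg-0bbbbbbbbbbbbbbbb", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
     "UserIdGroupPairs": [], "PrefixListIds": []}]},
  {"GroupId": "sg-0cccccccccccccccc", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
     "IpRanges": [], "Ipv6Ranges": [],
     "UserIdGroupPairs": [{"GroupId": "sg-0aaaaaaaaaaaaaaaa"}], "PrefixListIds": []}]}
]}
""")

def covers_port(perm, port):
    """True if the rule applies to TCP `port` (protocol "-1" means all traffic)."""
    if perm["IpProtocol"] == "-1":
        return True
    if perm["IpProtocol"] != "tcp":
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def audit(group, lb_sg, port=80):
    """Return findings: every source other than lb_sg that can reach `port`."""
    findings, lb_allowed = [], False
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        for r in perm.get("IpRanges", []):
            findings.append(f"CIDR source {r['CidrIp']}")
        for r in perm.get("Ipv6Ranges", []):
            findings.append(f"CIDR source {r['CidrIpv6']}")
        for p in perm.get("PrefixListIds", []):
            findings.append(f"prefix list {p['PrefixListId']}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] == lb_sg:
                lb_allowed = True
            else:
                findings.append(f"other security group {pair['GroupId']}")
    if not lb_allowed:
        findings.append(f"no rule admits {lb_sg} on port {port}")
    return findings

if __name__ == "__main__":
    for g in SAMPLE["SecurityGroups"]:
        print(g["GroupId"], audit(g, LB_SG) or "OK: load balancer only")
```

An empty findings list means the only source that can reach port 80 is the load balancer's security group; the first sample group reproduces the question's open 0.0.0.0/0 rule and is flagged.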
