How to set up an EC2 Security Group to only allow inbound traffic on a port from the API Gateway


Background:

  • EC2 instances hosting a REST API microservice
  • A Network Load Balancer that fronts the EC2 instances with a port 443 Listener that has an ACM issued Private SSL cert installed on it
  • I have created a VPC link to that NLB.
  • Created an instance of the API Gateway and defined a method on it.

Everything is working fine. I need help with creating a Security Group rule that only allows inbound traffic from the API Gateway on the EC2 port where the API Microservice is exposed. How can I go about doing that?

I will appreciate any help with this issue.

2 answers

You can try turning off the Preserve IP option of the NLB target group. If you turn off the option, the NLB will translate the source IP to the NLB's own IP. That means you can allow inbound traffic using a security group rule with the NLB's IP. I didn't test this, but I think it should work.

AWS
answered a year ago
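The approach in the answer above, written out as an added Terraform example. This is not code from the question or the answer; the resource and variable names, the NLB being internal, and the microservice port 8080 are assumptions made for the illustration.

```hcl
# Added example (not from the page). Assumptions: the NLB is internal and
# fronted by a VPC link as in the question, the instances' security group
# is aws_security_group.api, and the microservice listens on TCP 8080
# behind the NLB's 443 listener.

variable "vpc_id" { type = string }
variable "subnet_ids" { type = list(string) }

resource "aws_lb" "nlb" {
  name               = "api-nlb"
  internal           = true
  load_balancer_type = "network"
  subnets            = var.subnet_ids
}

resource "aws_security_group" "api" {
  name   = "api-instances"
  vpc_id = var.vpc_id
  # No inline ingress rules: the only ingress is the rule below.
}

# 1. Turn off client IP preservation. The NLB then rewrites the source IP
#    of forwarded traffic to its own private IP (one per enabled subnet),
#    which is what makes the source address filterable by a security group.
resource "aws_lb_target_group" "api" {
  name               = "api-tg"
  port               = 8080
  protocol           = "TCP"
  vpc_id             = var.vpc_id
  target_type        = "instance"
  preserve_client_ip = false
}

# 2. Find the NLB's network interfaces. AWS sets their description to
#    "ELB net/<name>/<id>", which is exactly the load balancer's arn_suffix.
data "aws_network_interfaces" "nlb" {
  filter {
    name   = "description"
    values = ["ELB ${aws_lb.nlb.arn_suffix}"]
  }
}

data "aws_network_interface" "nlb" {
  for_each = toset(data.aws_network_interfaces.nlb.ids)
  id       = each.value
}

# 3. Allow the microservice port only from those NLB private IPs, as /32s,
#    so nothing else in the VPC can reach 8080 on the instances directly.
resource "aws_security_group_rule" "api_from_nlb" {
  type              = "ingress"
  security_group_id = aws_security_group.api.id
  from_port         = 8080
  to_port           = 8080
  protocol          = "tcp"
  cidr_blocks       = [for eni in data.aws_network_interface.nlb : "${eni.private_ip}/32"]
  description       = "Traffic forwarded by the API NLB only"
}
```

Two caveats a practitioner should weigh. First, the NLB's private IPs are tied to its enabled subnets, so adding or removing an Availability Zone changes the set; re-plan after any such change, or the rule silently goes stale. Second, with client IP preservation off the microservice no longer sees the caller's address in the TCP source; if it needs that for logging or rate limiting, enable Proxy Protocol v2 on the target group (`proxy_protocol_v2 = true`) and parse the header in the service. Since NLBs can now carry security groups of their own, referencing the NLB's security group as the source of the instance rule is a more robust alternative to pinning IP addresses.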
