How to set up an EC2 Security Group to only allow inbound traffic on a port from the API Gateway


Background:

  • EC2 instances hosting a REST API microservice
  • A Network Load Balancer that fronts the EC2 instances with a port 443 Listener that has an ACM issued Private SSL cert installed on it
  • I have created a VPC link to that NLB.
  • Created an instance of the API Gateway and defined a method on it.

Everything is working fine. I need help with creating a Security Group rule that only allows inbound traffic from the API Gateway on the EC2 port where the API microservice is exposed. How can I go about doing that?

I will appreciate any help with this issue.

2 Answers

AWS, answered a year ago

You can try turning off the Preserve client IP option of the NLB target group. If you turn off the option, the NLB will translate the source IP to the NLB's own IP. This means that you can allow inbound traffic with a security group rule that uses the NLB's IP. I didn't test this, but I think it should work.

AWS, answered a year ago
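The approach in the answer above, written out as an added example (not code from the original post or from AWS): with `preserve_client_ip.enabled` set to `false` on the target group, every connection the NLB forwards carries an NLB node address as its source, so the instance security group can be narrowed to one /32 per NLB node on the microservice port. The NLB node addresses are found through the network interfaces AWS creates for the load balancer, whose description is `ELB net/<name>/<id>`. The ARN, target group, security group ID and port in the test are constructed placeholders; the live `apply` function needs boto3 and credentials, while the rule-building and audit helpers run offline.

```python
"""Restrict an EC2 security group to the NLB node IPs on the service port.

Added example; pure helpers are kept separate from the AWS calls so the
rule-building logic can be exercised without credentials.
"""
from ipaddress import ip_address

# Real ELBv2 target-group attribute key that controls client IP preservation.
PRESERVE_CLIENT_IP_ATTR = "preserve_client_ip.enabled"


def nlb_eni_description(nlb_arn: str) -> str:
    """Derive the description AWS puts on an NLB's network interfaces.

    ARN:  arn:aws:elasticloadbalancing:<region>:<acct>:loadbalancer/net/<name>/<id>
    ENI description: 'ELB net/<name>/<id>'
    """
    resource = nlb_arn.split(":", 5)[5]            # loadbalancer/net/<name>/<id>
    prefix, _, lb_path = resource.partition("/")
    if prefix != "loadbalancer" or not lb_path.startswith("net/"):
        raise ValueError(f"not a Network Load Balancer ARN: {nlb_arn}")
    return f"ELB {lb_path}"


def build_ingress_permissions(port: int, nlb_ips, description="NLB node"):
    """Build IpPermissions for authorize_security_group_ingress:
    one /32 per NLB node address, TCP, on the microservice port only."""
    ranges = []
    for ip in sorted(nlb_ips, key=ip_address):
        ip_address(ip)  # raises on anything that is not a plain address
        ranges.append({"CidrIp": f"{ip}/32", "Description": description})
    if not ranges:
        raise ValueError("no NLB IPs found; refusing to create an open rule")
    return [{"IpProtocol": "tcp", "FromPort": port, "ToPort": port, "IpRanges": ranges}]


def find_offending_rules(ip_permissions, port, allowed_ips):
    """Audit helper: return CIDRs that reach `port` but are not NLB node /32s
    (for example a leftover 0.0.0.0/0 rule) so they can be flagged and removed."""
    allowed = {f"{ip}/32" for ip in allowed_ips}
    bad = []
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto not in ("tcp", "-1"):
            continue
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        if proto == "-1" or lo <= port <= hi:
            for r in perm.get("IpRanges", []):
                if r["CidrIp"] not in allowed:
                    bad.append(r["CidrIp"])
    return bad


def apply(nlb_arn, target_group_arn, security_group_id, port, region):
    """Live version (needs boto3 and credentials): disable client IP preservation,
    discover the NLB node IPs, and authorize only those on the service port."""
    import boto3  # imported here so the helpers above stay importable offline
    elbv2 = boto3.client("elbv2", region_name=region)
    ec2 = boto3.client("ec2", region_name=region)
    elbv2.modify_target_group_attributes(
        TargetGroupArn=target_group_arn,
        Attributes=[{"Key": PRESERVE_CLIENT_IP_ATTR, "Value": "false"}],
    )
    enis = ec2.describe_network_interfaces(
        Filters=[{"Name": "description", "Values": [nlb_eni_description(nlb_arn)]}]
    )["NetworkInterfaces"]
    nlb_ips = [eni["PrivateIpAddress"] for eni in enis]
    ec2.authorize_security_group_ingress(
        GroupId=security_group_id,
        IpPermissions=build_ingress_permissions(port, nlb_ips),
    )
    return nlb_ips
```

Two points worth keeping in mind when using this: NLB health checks originate from the same node addresses, so the rule covers them as long as the health check uses the traffic port; and once client IP preservation is off the application no longer sees the caller's address, which in this design is only ever the API Gateway anyway. Re-run the audit helper after any change to the NLB (adding a subnet or AZ creates a new node interface with a new address).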
