Hello.
CloudFormation cannot obtain the ELB IP address.
https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-elasticloadbalancingv2-loadbalancer.html#aws-resource-elasticloadbalancingv2-loadbalancer-return-values
As an alternative, how about setting up a security group on the NLB and setting it as the source in the security group of the ALB?
https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-security-groups.html
Yeah, correct, we don't get the ELB IP address. So what I did is create a security group ingress resource and add the security group of the ALB as "GroupId" and the NLB security group ID as "SourceSecurityGroupId": https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group-ingress.html#cfn-ec2-securitygroupingress-sourceprefixlistid
Will this work? Or, what I was thinking is to use the same security group for both ALB and NLB.
This article shows that, to connect ALB and NLB, you register the IP address of the NLB in the security group of the ALB, so I was trying to figure out a way with CFTs: https://blog.developer.adobe.com/deploy-microservices-using-aws-ecs-fargate-and-api-gateway-1b5e71129338
Although it is possible to use the same security group for ALB and NLB, the rules will be the same, so if ALB is placed publicly, you will not be able to control access only to NLB. I think it is better to set different security groups for ALB and NLB.
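
The arrangement discussed in this thread, written out as a CloudFormation template. This is an added example, not code from either poster: the resource and parameter names, the port and the client CIDR are constructed, and it assumes the listeners and the ALB-type target group are defined elsewhere in the stack.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  SubnetIds:            # at least two subnets in different AZs
    Type: List<AWS::EC2::Subnet::Id>
Resources:
  # Security group for the NLB: the only place client ranges are listed.
  NlbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Attached to the NLB
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 10.0.0.0/16   # constructed sample client range
  # Separate security group for the ALB, with no CIDR-based rules of its own.
  AlbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Attached to the ALB
      VpcId: !Ref VpcId
  # The rule from the thread: ALB group as GroupId, NLB group as the source.
  AlbIngressFromNlb:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId: !GetAtt AlbSecurityGroup.GroupId
      SourceSecurityGroupId: !GetAtt NlbSecurityGroup.GroupId
      IpProtocol: tcp
      FromPort: 80
      ToPort: 80
  Nlb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: network
      Scheme: internal
      Subnets: !Ref SubnetIds
      SecurityGroups:
        - !GetAtt NlbSecurityGroup.GroupId
  Alb:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Type: application
      Scheme: internal
      Subnets: !Ref SubnetIds
      SecurityGroups:
        - !GetAtt AlbSecurityGroup.GroupId
```

Keeping the ingress rule as its own `AWS::EC2::SecurityGroupIngress` resource means no load balancer IP address has to be known at deploy time; the rule follows the NLB's security group instead.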