3 Answers
4
After a lot of trial and error I have finally found the solution.
You should first make sure that you select a public subnet when creating the VPC connector.
Then, when the App Runner service is running, follow the next steps:
- Go to the network interfaces section, inside the VPC module, and you will find one interface with a description starting with Fargate ENI... that belongs to the public subnet you chose when creating the App Runner service. That's the network interface of your App Runner service. Note down the ID of that network interface, eni-...
- Now go to Elastic IP, in the VPC module as well, and allocate a new Elastic IP address.
- Then, select the new Elastic IP and, under the actions button, select associate Elastic IP. There, choose network interface and select the network interface ID from step 1.
- After that, deploy the App Runner service again and you should have internet connectivity.
answered 2 years ago
0
I ran into the same issue and have used the following to sort it out -
https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/
answered 2 years ago
0
We encountered this same problem. It's really confusing that it does not work out of the box.
We ended up solving this with a NAT Gateway as recommended by the documentation. You can find more details about how we set it up here: https://github.com/aws/apprunner-roadmap/issues/192
answered a year ago
Thank you!
Thank you!
You deserve a medal! Thank you!
ENI with static IP enables the public traffic, although it defeats the purpose of having other settings in place.
Looking at the VPC connector release notes, it is explained that the egress will be by default disabled and NAT has to be there.
https://aws.amazon.com/blogs/aws/new-for-app-runner-vpc-support/
"When connected to a VPC, all outbound traffic from your AppRunner service will be routed based on the VPC routing rules. Services will not have access to the public internet (including AWS APIs) unless allowed by a route to a NAT Gateway. You can also set up VPC endpoints to connect to AWS APIs such as Amazon Simple Storage Service (Amazon S3) and Amazon DynamoDB to avoid NAT traffic."
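
The routing rule quoted above can be checked offline against the output of `aws ec2 describe-route-tables`. This is an added example, not code from any of the posters or from AWS: it classifies each VPC connector subnet by its default route. The subnet and route table IDs are constructed sample values, and the input is assumed to cover a single VPC.

```python
# Constructed sample shaped like `aws ec2 describe-route-tables` output (one VPC).
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}
ROUTE_TABLES = [
    {"RouteTableId": "rtb-private",
     "Associations": [{"SubnetId": "subnet-private", "Main": False}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "NatGatewayId": "nat-example", "State": "active"}]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"SubnetId": "subnet-public", "Main": False}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0",
                        "GatewayId": "igw-example", "State": "active"}]},
    {"RouteTableId": "rtb-main",
     "Associations": [{"Main": True}],  # used by subnets with no explicit association
     "Routes": [LOCAL]},
]

def default_route_target(table):
    """Return 'nat', 'igw' or 'none' for the table's usable 0.0.0.0/0 route."""
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") == "blackhole":
            return "none"  # target was deleted; traffic is dropped
        if route.get("NatGatewayId"):
            return "nat"   # egress as described in the quoted blog post
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"   # public subnet: the ENI still needs a public address
    return "none"

def classify_subnets(route_tables, subnet_ids):
    """Map each connector subnet to its egress type, falling back to the main table."""
    explicit, main = {}, None
    for table in route_tables:
        for assoc in table.get("Associations", []):
            if assoc.get("Main"):
                main = table
            elif "SubnetId" in assoc:
                explicit[assoc["SubnetId"]] = table
    result = {}
    for subnet in subnet_ids:
        table = explicit.get(subnet, main)
        result[subnet] = default_route_target(table) if table else "none"
    return result

if __name__ == "__main__":
    for subnet, egress in classify_subnets(
            ROUTE_TABLES, ["subnet-private", "subnet-public", "subnet-isolated"]).items():
        print(f"{subnet}: default route via {egress}")
```

A subnet reported as `igw` is the situation the first answer works around with an Elastic IP; `nat` is the setup from the third answer and the quoted blog post.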