By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Security Group for EC2 on public subnet for Code Deploy

0

For EC2 on public subnet, my security group is only allow ssh, http, https, and tcp:3000, from vpc local network. Would this security group work with code deploy? My VPC also has an public ALB

Topics
Networking & Content DeliveryCompute
Tags
Amazon VPCAmazon EC2Networking & Content DeliverySecurity Group
Language
English
oodaniel00
asked 5 months ago176 views
1 Answer
1
Accepted Answer

Hello.

It works.
If you confirm that HTTP and HTTPS are allowed in the security group's outbound rules, communication from EC2's CodeDeploy Agent to CodeDeploy is possible, so it should work.
https://docs.aws.amazon.com/codedeploy/latest/userguide/instances-ec2-create.html

In a production environment, we recommend restricting access to the SSH, RDP, and HTTP ports, instead of specifying Anywhere 0.0.0.0/0. CodeDeploy does not require unrestricted port access and does not require HTTP access. For more information, see Tips for securing your Amazon EC2 instance.

profile picture
EXPERT
Riku_Kobayashi
answered 5 months ago
profile pictureAWS
EXPERT
Didier_Durand
reviewed 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content