3 Answers
4
After a lot of trial and error I have finally found the solution.
You should first make sure that you select a public subnet when creating the VPC connector.
Then, when the App Runner service is running, follow the next steps:
- Go to the network interfaces section, inside the VPC module, and you will find one interface with a description starting with Fargate ENI... that belongs to the public subnet you chose when creating the App Runner service. That's the network interface of your App Runner service. Note down the ID of that network interface, eni-...
- Now go to Elastic IPs, in the VPC module as well, and allocate a new Elastic IP address.
- Then, select the new Elastic IP and, under the actions button, select associate Elastic IP. There, choose network interface and select the network interface ID from step 1.
- After that, deploy the App Runner service again and you should have internet connectivity.
answered 2 years ago
0
I ran into the same issue and have used the following to sort it out -
https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/
answered 2 years ago
0
We encountered this same problem. It's really confusing that it does not work out of the box.
We ended up solving this with a NAT Gateway as recommended by the documentation. You can find more details about how we set it up here: https://github.com/aws/apprunner-roadmap/issues/192
answered 10 months ago
Thank you!
Thank you!
You deserve a medal! Thank you!
ENI with static IP enables the public traffic, although it defeats the purpose of having other settings in place.
Looking at the VPC connector release notes, it is explained that the egress will be by default disabled and NAT has to be there.
https://aws.amazon.com/blogs/aws/new-for-app-runner-vpc-support/
"When connected to a VPC, all outbound traffic from your AppRunner service will be routed based on the VPC routing rules. Services will not have access to the public internet (including AWS APIs) unless allowed by a route to a NAT Gateway. You can also set up VPC endpoints to connect to AWS APIs such as Amazon Simple Storage Service (Amazon S3) and Amazon DynamoDB to avoid NAT traffic."
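The routing rule quoted in the comment above (no public internet without a route to a NAT Gateway) can be checked per VPC connector subnet. This is an added example, not part of the original thread: it classifies the IPv4 default route of a subnet from data shaped like `aws ec2 describe-route-tables` output for a single VPC, and every ID and the helper names are constructed for illustration.

```python
# Added example. Input mimics `aws ec2 describe-route-tables` output for ONE VPC.
# Every ID below is constructed for illustration.
LOCAL = {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"}

def default_route(target, state="active"):
    return {"DestinationCidrBlock": "0.0.0.0/0", "State": state, **target}

SAMPLE = {"RouteTables": [
    {"RouteTableId": "rtb-main", "Associations": [{"Main": True}],
     "Routes": [LOCAL]},
    {"RouteTableId": "rtb-public",
     "Associations": [{"Main": False, "SubnetId": "subnet-public"}],
     "Routes": [LOCAL, default_route({"GatewayId": "igw-0example"})]},
    {"RouteTableId": "rtb-nat",
     "Associations": [{"Main": False, "SubnetId": "subnet-nat"}],
     "Routes": [LOCAL, default_route({"NatGatewayId": "nat-0example"})]},
    {"RouteTableId": "rtb-stale",
     "Associations": [{"Main": False, "SubnetId": "subnet-stale"}],
     # Route left behind after its NAT gateway was deleted.
     "Routes": [LOCAL, default_route({"NatGatewayId": "nat-0deleted"}, "blackhole")]},
]}

def route_table_for(subnet_id, tables):
    """An explicit subnet association wins; otherwise the main table applies."""
    main = None
    for table in tables:
        for assoc in table.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return table
            if assoc.get("Main"):
                main = table
    return main

def egress_kind(subnet_id, doc):
    """Return 'nat', 'igw', 'other' or 'none' for the subnet's IPv4 default route."""
    table = route_table_for(subnet_id, doc["RouteTables"])
    if table is None:
        return "none"
    for route in table.get("Routes", []):
        if route.get("DestinationCidrBlock") != "0.0.0.0/0":
            continue
        if route.get("State") != "active":
            return "none"  # blackholed default route carries no traffic
        if route.get("NatGatewayId"):
            return "nat"
        if route.get("GatewayId", "").startswith("igw-"):
            return "igw"
        return "other"
    return "none"
```

A result of `nat` matches the setup the quoted blog post describes, `igw` is the public-subnet case from the first answer, and `none` means the subnet has no outbound internet path.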