Hi, your code seems to attach you security groups to the NLB.
So, every requester bypassing the NLB will not be barred by your sec group.
You have to attach your sec group to the ECS service enforce it on any request.
When working with CLI, you would do it on the nettwork-configuration part of create-services. See https://docs.aws.amazon.com/cli/latest/reference/ecs/create-service.html
What are the security group settings associated with ECS Fargate?
Isn't it in a state where it can be accessed directly from outside of NLB?
Can you confirm thats the security group in your screen shot is attached to the Fargate Service?
- Accepted Answerasked a year ago
- asked 2 years ago
- Accepted Answerasked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
- EXPERTpublished 8 months ago
- EXPERTpublished 5 months ago