After tweaking a little bit with the configuration I managed to make these 2 security groups:
- a security group (DocumentDBSecGroup) to allow inbound connections on 27017 from EC2SecurityGroup, and outbound to everywhere. I attached this one to my DocumentDB Cluster.
- a security group (EC2SecurityGroup) to allow inbound connections on 27017 from DocumentDBSecGroup, as well as inbound on 80 and 443, and outbound to everywhere. I attached this one to my EC2 instances from Beanstalk.
I am still not able to connect to DocumentDB, am I missing anything?
thanks M
The best approach for this use case would be to connect the DocumentDB Security Group to the Elastic Beanstalk environment's Security Group. This way, the connection between the DocumentDB cluster and the Elastic Beanstalk application is established through the Security Group.
If you decide to recreate the Beanstalk environment, the connection to the DocumentDB cluster will still be established, as the Security Group will remain unchanged. This is because the Security Group is not tied to a specific EC2 instance or Load Balancer, but rather to the environment as a whole.
To set this up, you can add the DocumentDB Security Group as an inbound rule to the Elastic Beanstalk environment's Security Group. This will allow the Elastic Beanstalk application to communicate with the DocumentDB cluster.
In summary, connecting the DocumentDB Security Group to the Elastic Beanstalk environment's Security Group is the best approach for this use case as it ensures a stable connection between the DocumentDB cluster and the Elastic Beanstalk application, even if the environment is recreated.
I am not sure what you mean by Beanstalk environment's Security Group. If I select my environment and I click on Configuration and then Security, I can only see Service Role and Virtual Machine Permissions.
Or do you mean to add the DocumentDB Security Group to EC2 security groups in Configuration -> Instances? Btw I already tried this with no luck.
thanks M
Did you make sure the Amazon DocumentDB and Beanstalk instances are in the same VPC?
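An offline check of the two things this thread turns on (which groups are actually attached to each side, and whether both sides share a VPC), as an added example that is not from any poster or from AWS. The dictionaries mimic the shape of EC2 `describe_security_groups` output; all group IDs, VPC IDs and addresses are constructed placeholders, and `allows` and `diagnose` are hypothetical helper names.

```python
import ipaddress

def allows(perms, port, peer_sg, peer_ip):
    """True if any rule permits TCP `port` for the peer group or peer address."""
    for p in perms:
        if p["IpProtocol"] == "tcp":
            if not p["FromPort"] <= port <= p["ToPort"]:
                continue
        elif p["IpProtocol"] != "-1":      # "-1" = all protocols, no port range
            continue
        if any(g["GroupId"] == peer_sg for g in p.get("UserIdGroupPairs", [])):
            return True
        if any(ipaddress.ip_address(peer_ip) in ipaddress.ip_network(r["CidrIp"])
               for r in p.get("IpRanges", [])):
            return True
    return False

def diagnose(app_sgs, app_ip, db_sgs, db_ip, port=27017):
    """Return a list of problems on the instance -> cluster path (empty = path open)."""
    problems = []
    vpcs = {sg["VpcId"] for sg in app_sgs + db_sgs}
    if len(vpcs) > 1:
        problems.append("different VPCs: " + ", ".join(sorted(vpcs)))
    # Security groups are stateful: only cluster ingress and instance egress matter;
    # reply traffic needs no rule of its own.
    if not any(allows(db["IpPermissions"], port, app["GroupId"], app_ip)
               for db in db_sgs for app in app_sgs):
        problems.append("no cluster group allows inbound tcp/%d from the instances" % port)
    if not any(allows(app["IpPermissionsEgress"], port, db["GroupId"], db_ip)
               for app in app_sgs for db in db_sgs):
        problems.append("no instance group allows outbound tcp/%d to the cluster" % port)
    return problems

# Constructed sample data (IDs and addresses are placeholders).
ANY_OUT = [{"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]
EC2_SG = {"GroupId": "sg-ec2", "VpcId": "vpc-a", "IpPermissionsEgress": ANY_OUT,
          "IpPermissions": [{"IpProtocol": "tcp", "FromPort": p, "ToPort": p,
                             "IpRanges": [{"CidrIp": "0.0.0.0/0"}]} for p in (80, 443)]}
DOCDB_SG = {"GroupId": "sg-docdb", "VpcId": "vpc-a", "IpPermissionsEgress": ANY_OUT,
            "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 27017, "ToPort": 27017,
                               "UserIdGroupPairs": [{"GroupId": "sg-ec2"}]}]}
DEFAULT_SG = {"GroupId": "sg-default", "VpcId": "vpc-a", "IpPermissionsEgress": ANY_OUT,
              "IpPermissions": [{"IpProtocol": "-1",
                                 "UserIdGroupPairs": [{"GroupId": "sg-default"}]}]}

if __name__ == "__main__":
    print(diagnose([EC2_SG], "10.0.1.10", [DOCDB_SG], "10.0.2.20"))    # both attached
    print(diagnose([EC2_SG], "10.0.1.10", [DEFAULT_SG], "10.0.2.20"))  # cluster on default group
```

To run it against a real account, feed it the groups actually attached to the Beanstalk instances and to the cluster rather than the groups you intended to attach.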