2 Answers
0
Thanks for the response Kentrad.
I have used a different SG for the ELB, but I still see unwanted endpoints hitting the application.
I want to tell you the configuration used in the EC2 SG, ELB SG, NACL and ELB listeners.
EC2 SG Inbound:
ELB SG:
ELB Listeners:
answered a year ago
0
Use a different SG for the ELB (TCP 8000 from 0.0.0.0/0) than the EC2 Instances (TCP 8000 from the ELB SG). This will force all traffic through the ELB. You don't need to adjust the NACL to make this work.
In the EC2 SG inbound rule, change the source on the third rule (TCP/8000) to the ELB SG. Clear out the '0.0.0.0/0' and start typing 'sg-' and a list of SGs will populate. Pick the ELB SG.
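A check for the rule change described in the answers above, as an added example that is not part of the original thread: it reads the instance SG in the JSON shape returned by `aws ec2 describe-security-groups` and lists every source that can reach TCP 8000 without coming from the ELB SG. The group IDs and addresses are constructed sample values, and the function names are hypothetical.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-security-groups`
# for the EC2 instance SG; every ID and CIDR here is made up for this example.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-0instance000000001", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "203.0.113.10/32"}], "Ipv6Ranges": [],
   "UserIdGroupPairs": []},
  {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}],
   "UserIdGroupPairs": [{"GroupId": "sg-0elb00000000000001"}]},
  {"IpProtocol": "-1", "IpRanges": [], "Ipv6Ranges": [],
   "UserIdGroupPairs": [{"GroupId": "sg-0other000000000001"}]}
]}]}
""")

def covers_port(perm, port):
    """True if the rule applies to TCP `port`; protocol "-1" means all traffic."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return True  # all-traffic rules carry no FromPort/ToPort
    if proto not in ("tcp", "6"):
        return False
    return perm.get("FromPort", 0) <= port <= perm.get("ToPort", 65535)

def bypass_sources(group, elb_sg_id, port):
    """Sources that can reach `port` on the instance SG other than the ELB SG."""
    found = []
    for perm in group.get("IpPermissions", []):
        if not covers_port(perm, port):
            continue
        found += [r["CidrIp"] for r in perm.get("IpRanges", [])]
        found += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        found += [p["PrefixListId"] for p in perm.get("PrefixListIds", [])]
        found += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])
                  if p["GroupId"] != elb_sg_id]
    return found

if __name__ == "__main__":
    sg = SAMPLE["SecurityGroups"][0]
    for src in bypass_sources(sg, "sg-0elb00000000000001", 8000):
        print(f"{sg['GroupId']}: TCP 8000 reachable directly from {src}")
```

An empty result means the ELB SG is the only allowed source for that port; note that an all-traffic rule referencing another SG is reported as well, since it also opens port 8000.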