Unable to properly configure EC2 instance security group rules to give access to Elastic Beanstalk for setting and updating the application environment.

Question

I'm actually hosting a Node Js back end server, with a load balancer and an EC2 instance setup by using the Elastic Beanstalk service.

I wanna configure the EC2 instance security group rules to give the inbound traffic access to only the load balancer and the elastic beanstalk service, with no direct public internet traffic.

Well, I referenced the security group of the load balancer as a source for the load balancer to access EC2, but for the Elastic Beanstalk service, I don't know what to reference at the source input. I went through the documentation and found something known as AWS managed prefix lists, but I couldn't find any prefix list for the Elastic Beanstalk service.

Please help me with the above problem, I just started recently with AWS.

Answer

Every EC2 instance of your Beanstalk environment has a security group
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/using-features.managing.ec2.html#using-features.managing.ec2.securitygroups

So you can reference this security group as a traffic source in your NodeJS server security group. Logic is the same as you did for reference Load Balancer Security Group

Unable to properly configure EC2 instance security group rules to give access to Elastic Beanstalk for setting and updating the application environment.

相关内容