amazon-web-services - How do I allow inbound traffic only from ELB?
Problem description
I put up an ELB in front of my EC2 instances so traffic coming from the internet goes to the ELB first and then to one of my EC2 instances. Right now the instance is also allowing traffic from 0.0.0.0, as it is unnecessary. I want them to be accessible other than ELB. How can I do that? Also, is there anything to be taken care of?
Solution
A security group can allow traffic from a CIDR range of IP addresses, or from another Security Group. Thus, you should configure the following Security Groups:
- ELB-SG: Allow HTTP/S from 0.0.0.0/0. Associate it with the ELB.
- App-SG: Allow HTTP from ELB-SG. Associate it with your EC2 instances (or Auto Scaling group Launch Configuration).
The Application Security Group (App-SG) is permitting incoming traffic from the Load Balancer. Or, more specifically, from any resource that is associated with ELB-SG.
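An added example, not part of the original answer: a small audit that checks whether App-SG accepts traffic only from ELB-SG, run over data in the shape returned by `aws ec2 describe-security-groups`. The group IDs, the `rule` helper and the sample groups are constructed for illustration.

```python
import ipaddress

def rule(port, cidrs=(), groups=()):
    """Build one ingress rule in the shape `aws ec2 describe-security-groups` returns."""
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in cidrs], "Ipv6Ranges": [],
            "PrefixListIds": [], "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

# Constructed sample data; the sg-... IDs are placeholders, not values from the post.
ELB_SG = {"GroupId": "sg-0elb0example", "GroupName": "ELB-SG",
          "IpPermissions": [rule(80, cidrs=["0.0.0.0/0"]), rule(443, cidrs=["0.0.0.0/0"])]}
APP_SG = {"GroupId": "sg-0app0example", "GroupName": "App-SG",
          "IpPermissions": [rule(80, groups=["sg-0elb0example"]),
                            rule(80, cidrs=["0.0.0.0/0"])]}  # leftover open rule from the question

def audit_app_sg(app_sg, elb_sg_id):
    """Return (kind, ports, source) for every ingress source that is not the ELB's group."""
    findings = []
    for perm in app_sg.get("IpPermissions", []):
        # Protocol "-1" (all traffic) carries no FromPort/ToPort, hence the defaults.
        ports = f"{perm.get('IpProtocol')}/{perm.get('FromPort', 'all')}-{perm.get('ToPort', 'all')}"
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr, strict=False)
            kind = "open-to-world" if net.prefixlen == 0 else "cidr-source"
            findings.append((kind, ports, cidr))
        for pl in perm.get("PrefixListIds", []):
            findings.append(("prefix-list-source", ports, pl.get("PrefixListId")))
        for pair in perm.get("UserIdGroupPairs", []):
            if pair.get("GroupId") != elb_sg_id:
                findings.append(("other-group-source", ports, pair.get("GroupId")))
    return findings

def is_elb_only(app_sg, elb_sg_id):
    """True when the group has ingress rules and every source is the ELB's security group."""
    return bool(app_sg.get("IpPermissions")) and not audit_app_sg(app_sg, elb_sg_id)

if __name__ == "__main__":
    for finding in audit_app_sg(APP_SG, ELB_SG["GroupId"]):
        print("App-SG bypasses the ELB:", finding)
```

A `cidr-source` finding is not always a mistake (an administrative range for SSH, for instance), so treat it as a rule to review and not as one to delete automatically.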