amazon web services - Blocking inbound traffic for AWS VPC except from load balancer and select addresses

I have a couple of HTTP services running in containers using AWS Fargate. These services are meant to be accessed using an Application Load Balancer, and from a list of selected IP addresses. However, with default settings, the services are open to all inbound traffic.

The containers are all in the same VPC, Security Group and Subnets. The same goes for the load balancer.

I tried restricting the inbound traffic using Network ACLs, but this also blocked connections from the load balancer. What is the correct way of achieving the desired behavior (blocking external traffic)?

question from: https://stackoverflow.com/questions/65907809/blocking-inbound-traffic-for-aws-vpc-except-from-load-balancer-and-select-addres


1 Reply


Both ECS tasks and services support security groups, so you update the "Inbound traffic" rules of the security group to allow traffic only from the ALB. Read more about it here: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/create-application-load-balancer.html


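A worked example of the layout the answer points at, added here and not part of the original question or answer. Instead of the single shared group from the question, the ALB gets its own security group, and the task security group admits the container port only from that group (referenced by group ID, which a network ACL cannot do) plus the selected addresses. The group IDs, container port and CIDRs below are placeholders. The dicts follow the shape boto3's `ec2.authorize_security_group_ingress(**params)` accepts and `ec2.describe_security_groups()` returns; `audit_open_rules` flags the "open to all inbound" rule the question describes, run here against a constructed snapshot rather than a live account.

```python
"""Security groups for Fargate tasks behind an ALB (added example, not the
page's own code). Two groups instead of one shared group:

  ALB_SG  -> 443 from the internet (or only from the allow-listed CIDRs)
  TASK_SG -> container port from ALB_SG (by group ID) + allow-listed CIDRs
"""
from ipaddress import ip_network

# Placeholder identifiers and values; substitute real ones.
ALB_SG = "sg-0aaaaaaaaaaaaaaaa"
TASK_SG = "sg-0bbbbbbbbbbbbbbbb"
CONTAINER_PORT = 8080
ALLOWED_CIDRS = ["203.0.113.10/32", "198.51.100.0/24"]  # RFC 5737 doc ranges

ANY_V4 = "0.0.0.0/0"
ANY_V6 = "::/0"


def _cidr_permission(port, cidrs, description):
    """One TCP ingress permission covering the given CIDR list."""
    for cidr in cidrs:
        ip_network(cidr)  # raises ValueError on a malformed CIDR
    return {
        "IpProtocol": "tcp",
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [{"CidrIp": c, "Description": description} for c in cidrs],
    }


def build_alb_ingress(allowed_cidrs=None, public=True):
    """authorize_security_group_ingress params for the ALB group.

    public=True opens 443 to the internet (a public ALB); public=False limits
    even the ALB to the allow-listed addresses.
    """
    cidrs = [ANY_V4] if public else list(allowed_cidrs or [])
    return {"GroupId": ALB_SG,
            "IpPermissions": [_cidr_permission(443, cidrs, "HTTPS to ALB")]}


def build_task_ingress(allowed_cidrs):
    """authorize_security_group_ingress params for the task group.

    The first permission references the ALB group by ID (UserIdGroupPairs), so
    it keeps matching the ALB nodes as their addresses change; the second
    admits the selected addresses directly. Nothing here allows 0.0.0.0/0.
    """
    return {
        "GroupId": TASK_SG,
        "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": CONTAINER_PORT,
             "ToPort": CONTAINER_PORT,
             "UserIdGroupPairs": [{"GroupId": ALB_SG, "Description": "From ALB"}]},
            _cidr_permission(CONTAINER_PORT, allowed_cidrs, "Selected addresses"),
        ],
    }


def audit_open_rules(security_groups, public_groups=()):
    """Return (group_id, from_port) for every rule open to the whole internet.

    Takes the 'SecurityGroups' list from describe_security_groups(). Groups in
    public_groups (e.g. the ALB's) are expected to be open and are skipped.
    """
    findings = []
    for sg in security_groups:
        if sg["GroupId"] in public_groups:
            continue
        for perm in sg.get("IpPermissions", []):
            open_v4 = any(r.get("CidrIp") == ANY_V4 for r in perm.get("IpRanges", []))
            open_v6 = any(r.get("CidrIpv6") == ANY_V6 for r in perm.get("Ipv6Ranges", []))
            if open_v4 or open_v6:
                findings.append((sg["GroupId"], perm.get("FromPort", "all")))
    return findings


# Constructed describe_security_groups-style snapshot of the shared group from
# the question before the fix: the container port is reachable from anywhere.
SHARED_SG_BEFORE = [{
    "GroupId": "sg-0ccccccccccccccccc",
    "IpPermissions": [{
        "IpProtocol": "tcp", "FromPort": CONTAINER_PORT, "ToPort": CONTAINER_PORT,
        "IpRanges": [{"CidrIp": ANY_V4}], "Ipv6Ranges": [], "UserIdGroupPairs": [],
    }],
}]


def fixed_layout(allowed_cidrs=ALLOWED_CIDRS):
    """The two groups as describe_security_groups would show them after the fix."""
    alb, task = build_alb_ingress(), build_task_ingress(allowed_cidrs)
    return [{"GroupId": alb["GroupId"], "IpPermissions": alb["IpPermissions"]},
            {"GroupId": task["GroupId"], "IpPermissions": task["IpPermissions"]}]


if __name__ == "__main__":
    print("before:", audit_open_rules(SHARED_SG_BEFORE))
    print("after: ", audit_open_rules(fixed_layout(), public_groups={ALB_SG}))
```

Security groups are stateful, so no outbound rule is needed for the responses, and the ALB's health checks originate from the same ALB nodes, so the group-ID rule covers them too. The task group ends up with no rule from the internet at all; the only group still open on 0.0.0.0/0 is the ALB's, on 443, which the audit skips when told that group is meant to be public and reports otherwise.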