1 Respuesta
- Más nuevo
- Más votos
- Más comentarios
0
As you are using a load balancer, You will need to put your IP address in the security group of the load balancer not the SG on the ecs service
The security group on the ecs service only needs to allow IP from your internal network load balancer. You which is the load balancer IP addresses.
Contenido relevante
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace un año
Hm, I'm using a Network Load Balancer which I think doesn't have any security group attached.
Ok that makes sense. So your ecs security group will have to allow the ip addresses from your NLB. These will be internal ip addresses from the subnet that your NLB is attached too. You can’t lock this down to your own IP addresses!!
The only way round this is too move to an ALB with your Ecs services registered to target groups and follow my answer to support what your trying to achieve.