mercredi 3 juin 2015

Restrict access to one Elastic Beanstalk app from another

I have two Elastic Beanstalk applications "a" and "b". Anyone should be able to talk to (a) over http, but only (a) should be able to talk to (b). I.e.

internet -> a -> b

Right now, everything works if both apps are fully open to the internet. But as soon as I try to restrict the security group for (b)'s ELB, (a) can't seem to connect anymore.

I.e. If I allow (b)'s load balancer security group to allow http:0.0.0.0/0, everything works. But if I set that same security group to allow only http:[(a)'s security group], (a) can no longer communicate with (b).

Both apps are in the same VPC. I can't figure out what's missing here...




Aucun commentaire:

Enregistrer un commentaire