AWS LB访问EC2进行health check的问题

为了在AWS上面建立一套int环境,我们起了一些instance。为了系统安全,我们通过security group限制只有内部ip才能够访问。但是当我们启动一个LB的时候,无论如何都不能health check成功。通过查看网上的文章,竟然是security group限制了LB的访问!

 

In an ongoing effort to keep my company’s servers as secure as possible I decided I was going to lock down port 80 and 443 to only accept traffic from specific servers that needed access.  Should be easy enough I thought, I could simply setup up the security group and restrict the source IP or group.  I setup a test EC2 instance and ran a quick test pointing directly to the instance and it worked.  I then added the rules to the production security group and thought all was well.  Not so fast … I failed to remember that the Elastic Load Balancer (ELB) needs to perform health checks on each instance to confirm they are running.  The problem here is you cannot tell what IP address the ELB is using to add to the security group and you cannot assign a security group to the ELB.

Amazon EC2 ELB

 

By adding amazon-elb/amazon-elb-sg to the source of the security group. It can then permit the access from the LBR only.

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值