Avoid Elastic Beanstalk to create security group for ELB

Just found out that there is a Elastic Beanstalk option named ‘ManagedSecurityGroup‘ to allow you to use an exisiting security group for the ELB. Note the security group must be in the aws:elb:loadbalancer SecurityGroups list. Here is a sample:

{
“Namespace”: “aws:elb:loadbalancer”,
“OptionName”: “SecurityGroups“,
“Value”: “sg-1111111,sg-222222”
},
}
“Namespace”: “aws:elb:loadbalancer”,
“OptionName”: “ManagedSecurityGroup“,
“Value”: “sg-1111111”
}

Unfortunately, there is no such option for EC2. But you are able to control the SSH access in the EB managed EC2 security group with option ‘SSHSourceRestriction’

{
“Namespace”: “aws:autoscaling:launchconfiguration”,
“OptionName”: “SSHSourceRestriction“,
“Value”: “tcp, 22, 22, sg-222222”
}

Reference: http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/command-options-general.html

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

	Use ChatGPT to check… on Why you need CodeGuru?
	AWS Config Advanced… on AWS Config Advance Queries aga…
	Gene on Fail to quiesce a virtual mach…
	Elisa Caldwell on TSM
	John on Ansible example – get di…
	RJI on Fail to quiesce a virtual mach…
	Serverless Ingress S… on Two Examples of using AWS Netw…
	Automate VPN failove… on Automate VPN connection and it…
	AWS IAM Roles Anywhe… on Setup AWS “Instance Prof…
	AWS Cost Anomaly Det… on Why QuickSight increases Cloud…

Share this:

Like this:

Related

Published by Jackie Chen

Leave a Reply Cancel reply