限制HTTP访问弹性魔豆 [英] Restrict HTTP Access to Elastic Beanstalk
问题描述
是否有可能限制到只有某些IP地址的弹性魔豆申请的HTTP访问?我已经尽力将规则添加到我的环境中的安全组,但这些似乎并没有得到有任何影响。这是因为所有的HTTP流量是通过弹性负载均衡,它的路由不是的内安全组?
Is it possible to restrict HTTP access to an Elastic Beanstalk application to only certain IP addresses? I"ve tried adding rules to my environment's Security Group but these don't appear to be having any effect. Is this because all HTTP traffic is routed through the Elastic Load Balancer, which isn't within the security group?
推荐答案
我也仅限于某些IP地址的弹性青苗应用程序的HTTP访问。
以下是我的步骤。
I have restricted HTTP access to an Elastic Beanstalk application to only certain IP addresses.
Following is my procedure.
-
创建新豆茎环境中的VPC(亚马逊虚拟私有云)。照片 请阅读以下文件。
使用AWS弹性魔豆与Amazon VPC
例:启动一个VPC的AWS弹性魔豆的应用
注意:我试图创建使用AWS的无线工具包为Eclipse上月新豆茎环境(Tomcat)的,在VPC。但我不能创建新豆茎的环境,由于AWS工具包为Eclipse的bug。 最后,我可以用一个创建新豆茎环境弹性魔豆创建环境命令。因此,我建议使用弹性魔豆创建环境命令。
Create new beanstalk environment in the VPC(Amazon Virtual Private Cloud).
Please read following documents.
Using AWS Elastic Beanstalk with Amazon VPC
Example: Launching an AWS Elastic Beanstalk Application in a VPC
note: I tried to create a new beanstalk environment(Tomcat) in the VPC using AWS Tookit for Eclipse last month. But I could not create a new beanstalk environment due to the bug of AWS Toolkit for Eclipse. Finally, I could create a new beanstalk environment using a elastic-beanstalk-create-environment command. Therefore I recommend to use elastic-beanstalk-create-environment command.
创建一个新的网络ACL(VPC的功能),然后打开呼入选项卡,并配置限制的源IP地址。 设置此网络ACL来VPC的子网有青苗的ELB。
Create a new Network ACL(VPC's function) and open the inbound tab and configure to restrict source IP addresses. Set this Network ACL to the subnet of VPC which have a beanstalk's ELB.
这篇关于限制HTTP访问弹性魔豆的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
