
AWS ElasticBeanstalk Security Groups


I have a web application launched using ElasticBeanstalk (EB) with a load balancer, whose instances may be added/removed based on the trigger. Now I have a Redis server hosted on EC2 on port 6379, and I want only these EB instances (all the instances launched by this EB) to have access to that port. EB has a security group (SG) called sg-eb and Redis has an SG called sg-redis.

All of these are deployed under the same VPC but may or may not be in the same subnet.

How do I configure sg-redis so that all the instances under the EB have access to Redis? I tried adding sg-eb to sg-redis allowing port 6379 but no luck. The only way I made it work was adding each instance's public IP to sg-redis so they have access. Though, if the load balancer adds/removes an instance, I'll need to manually configure sg-redis again.



Solution

  • The Redis EC2 instance will have 2 IPs, one public and one private. You can find them when selecting the instance on the EC2 management console. Make sure you connect to that EC2 instance via this internal IP.
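
Why the private IP matters here, as an added example that is not part of the original answer: a simplified Python model of security-group ingress matching, in which a rule on sg-redis that names sg-eb as its source matches only the private IPs of sg-eb members. The instance names and IP addresses are constructed, and the matching logic is a sketch of AWS behaviour, not AWS code.

```python
# Added example; instance names, group membership and IPs are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Instance:
    name: str
    private_ip: str
    public_ip: str
    groups: frozenset

@dataclass(frozen=True)
class IngressRule:
    port: int
    source_group: Optional[str] = None  # rule source is a security group
    cidr: Optional[str] = None          # rule source is an address range

def observed_source(client, target, dialed_ip):
    # Dialing the private IP stays inside the VPC, so the target sees the
    # client's private IP. Dialing the public IP leaves through the internet
    # gateway, so the target sees the client's public IP instead.
    return client.private_ip if dialed_ip == target.private_ip else client.public_ip

def allowed(rules, fleet, client, target, dialed_ip, port):
    src = ip_address(observed_source(client, target, dialed_ip))
    for rule in rules:
        if rule.port != port:
            continue
        if rule.cidr and src in ip_network(rule.cidr):
            return True
        if rule.source_group:
            # A group reference matches the private IPs of the group's members.
            members = {ip_address(i.private_ip) for i in fleet
                       if rule.source_group in i.groups}
            if src in members:
                return True
    return False

redis = Instance("redis", "10.0.1.20", "198.51.100.20", frozenset({"sg-redis"}))
eb1 = Instance("eb-1", "10.0.2.11", "203.0.113.11", frozenset({"sg-eb"}))
eb2 = Instance("eb-2", "10.0.3.12", "203.0.113.12", frozenset({"sg-eb"}))  # scaled out later
fleet = [redis, eb1, eb2]
by_group = [IngressRule(6379, source_group="sg-eb")]        # sg-redis allows sg-eb
by_public_ip = [IngressRule(6379, cidr="203.0.113.11/32")]  # only eb-1 added by hand

if __name__ == "__main__":
    for c in (eb1, eb2):
        for ip in (redis.private_ip, redis.public_ip):
            print(c.name, "->", ip, allowed(by_group, fleet, c, redis, ip, 6379))
```

With the group-based rule, an instance added by scaling is covered as soon as it joins sg-eb, provided clients connect to the Redis private IP; the per-public-IP rule has to be edited for every new instance.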