I put up an ELB in front of my ec2 instances so traffic from coming from internet goes to elb first and then to one of my ec2 instance.Right now instance is also allowing traffic from 0.0.0.0 as it is unnecessary .I want them to be accessible other than ELB . How i can do that??Also is there anything to be taken care of??
A security group can allow traffic from a CIDR range of IP addresses, or from another Security Group. Thus, you should configure the following Security Groups:
0.0.0.0/0. Associate it with the ELB.The Application Security Group (App-SG) is permitting incoming traffic from the Load Balancer. Or, more specifically, from any resource that is associated with ELB-SG.