AWS ALB target group is healthy but still not accessible

Question

I'm running SonarQube docker using the AWS ECS (EC2 instances). The container is up and running and listening on port 9000 with the below logs:-

q-process5925788013780644631properties
2021.03.17 15:50:55 INFO  app[][o.s.a.SchedulerImpl] Process[web] is up
2021.03.17 15:50:55 INFO  app[][o.s.a.ProcessLauncherImpl] Launch process[[key='ce', ipcIndex=3, logFilenamePrefix=ce]] from [/opt/sonarqube]: /opt/java/openjdk/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/common/*:/opt/sonarqube/lib/jdbc/postgresql/postgresql-42.2.17.jar org.sonar.ce.app.CeServer /opt/sonarqube/temp/sq-process3880305865950565845properties
2021.03.17 15:51:01 INFO  app[][o.s.a.SchedulerImpl] Process[ce] is up
2021.03.17 15:51:01 INFO  app[][o.s.a.SchedulerImpl] SonarQube is up

I'm using the VPC mode network. I'm using an application load balancer and as per the below screenshot the target groups are healthy but I still could not access my Sonar using the load balancer URL:-

Error:-

Please advise, thanks

ALB Security group screenshot:-

Answer 1

Your alb inbound rule only allows access in from the listed security group which would block your attempt to reach the load balancer url