aws-security-group

EC2 instance server not accepting HTTPS requests

那年仲夏 提交于 2020-07-10 04:50:26
问题 I Created an EC2 instance that is running perfectly over http.but when i try to replace http to https i got this printed on the browser This site can’t provide a secure connection . the security group that is associated to this instance is configured to allow requests from both HTTP and HTTPS as in the attached image: 回答1: You are trying to run https over a port that has been configured for HTTP. There are multiple options to get around this: Setup a proxy on your local server, such as Nginx.

HTTP timeout from an EC2 instance when I call a python API

可紊 提交于 2020-05-30 19:02:51
问题 I am trying to call a python api from an EC2 instance that I have configured with Ubuntu. When I run the file locally on my computer it works, but when I run the same file on my EC2 instance, I get this error: requests.exceptions.ReadTimeout: HTTPSConnectionPool(host='stats.nba.com', port=443, timeout=20) Here is my file. The calls to my mongodb work on the EC2 instance, but the stats_nba API endpoint does not work. from nba_api.stats.endpoints import commonplayerinfo import pymongo from

What is the best way to restrict access to an Application Load Balancer?

笑着哭i 提交于 2020-04-12 08:22:00
问题 Ideally, I'd like to lock down my ALB so that it can only be accessed by API Gateway. I've looked into whether I can associate API gateway with an Inbound Rule - however, I have found that API Gateway cannot be associated with an IP address, or a security group. I've also looked into an Internal facing ALB, but I've been unable to get these working as VPC link only supports NLB. Any help will be greatly appreciated - I've been looking in the Gateway Settings but cannot find this option. What

What is the best way to restrict access to an Application Load Balancer?

爱⌒轻易说出口 提交于 2020-04-12 08:21:14
问题 Ideally, I'd like to lock down my ALB so that it can only be accessed by API Gateway. I've looked into whether I can associate API gateway with an Inbound Rule - however, I have found that API Gateway cannot be associated with an IP address, or a security group. I've also looked into an Internal facing ALB, but I've been unable to get these working as VPC link only supports NLB. Any help will be greatly appreciated - I've been looking in the Gateway Settings but cannot find this option. What

What is the best way to restrict access to an Application Load Balancer?

核能气质少年 提交于 2020-04-12 08:20:26
问题 Ideally, I'd like to lock down my ALB so that it can only be accessed by API Gateway. I've looked into whether I can associate API gateway with an Inbound Rule - however, I have found that API Gateway cannot be associated with an IP address, or a security group. I've also looked into an Internal facing ALB, but I've been unable to get these working as VPC link only supports NLB. Any help will be greatly appreciated - I've been looking in the Gateway Settings but cannot find this option. What

I have a problem in cloud formation. Error when using Fn::Join with a parameter

两盒软妹~` 提交于 2020-03-05 04:11:12
问题 I am trying to create one Security Group and calling other security group from parameters using cloudformation. I used this as a resource however I get the following error message from cloudfromation Template validation error: Template error: every Fn::Join object requires two parameters, (1) a string delimiter and (2) a list of strings to be joined or a function that returns a list of strings (such as Fn::GetAZs) to be joined. AWSTemplateFormatVersion : 2010-09-09 Description: "simple web

I have a problem in cloud formation. Error when using Fn::Join with a parameter

会有一股神秘感。 提交于 2020-03-05 04:10:22
问题 I am trying to create one Security Group and calling other security group from parameters using cloudformation. I used this as a resource however I get the following error message from cloudfromation Template validation error: Template error: every Fn::Join object requires two parameters, (1) a string delimiter and (2) a list of strings to be joined or a function that returns a list of strings (such as Fn::GetAZs) to be joined. AWSTemplateFormatVersion : 2010-09-09 Description: "simple web

How to allow certain ports open to world only for certain security groups in Cloud Custodian?

為{幸葍}努か 提交于 2020-01-25 10:02:08
问题 I have this in my policy to allow only 80 and 443 open to world. "or": [ { "Cidr": { "value": "0.0.0.0/0" }, "type": "ingress", "OnlyPorts": [ 80, 443 ] }, { "CidrV6": { "value": "::/0" }, "type": "ingress", "OnlyPorts": [ 80, 443 ] } ] Now, I want to allow only 8080 and 8081 to selected security groups, not for all security groups. Is this possible? 回答1: You need to edit particular security groups only. Just open the ports there and that will do it. 回答2: Add a value filter using a key and

Terraform decouple Security Group dependency

我是研究僧i 提交于 2020-01-25 06:49:47
问题 This is tested with Terraform v0.12.9 I generally manage security groups and security group rules as separate resources, as in the below example: resource "aws_security_group" "this" { count = var.create ? 1 : 0 name_prefix = "${var.security_group_name}_" vpc_id = var.vpc_id lifecycle { create_before_destroy = true } } resource "aws_security_group_rule" "ingress_rules" { count = var.create ? length(var.inbound_security_group_ids) : 0 security_group_id = aws_security_group.this[0].id type =

Setting the description and IPv6 using authorize-security-group-ingress of aws SDK

这一生的挚爱 提交于 2020-01-25 06:47:12
问题 I am using AWS SDK v1 ( old product needs that) to add a rule for a security group. My issue is if add description and IPv6 fields I got the response of: The parameter Description is not recognized And The parameter Ipv6Ranges is not recognized This is the documentation I followed to construct the request. My code: $ec2 = new AmazonEC2(); $response = $ec2->authorize_security_group_ingress([ 'GroupId' => $secGrpID, 'IpPermissions' => [ [ 'FromPort' => $portNum, 'IpProtocol' => $protocol,