I have an Nginx container in public subnets proxying requests to a load balancer in the same public subnets. The following is a location block in my nginx.conf location ~* "^/[a-z]{2}_[a-z]{2}/somelocation/(.*)$" { proxy_pass https://my-lb.region.elb.amazonaws.com/rest/$request_uri; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Authorization $http_x_access_token; } The issue I’m having is that… Read More Aws security group whitelist, Nginx running in ecs -> load balancer

I have added 7 inbound rules, 5 of them are with "Managed prefix list" that has 2 entries, those entries are public IPs with /32 CIDR block, so I am not able to add more inbound rules with "pl" as the max count gets reached, but how the figure "52" is calculated ? >Solution :… Read More How do Prefix lists factor into the permission entry limit in Security Groups?

When I set a inbound rule in a security group for an AWS EC2 like this: So source type says that only traffic from my computer is to be allowed and only port 8080 in EC2 instance is to be made accessible. What does ‘Type’ field here means when I set it as ‘Custom TCP’?… Read More What is 'Custom TCP' in AWS security group?

I have a security group resource in the module called "networking": resource “aws_security_group” “dev_sg” { for_each = var.security_groups name = each.value.name description = each.value.description vpc_id = aws_vpc.dev_vpc.id dynamic “ingress” { for_each = each.value.ingress #iterator = port content { from_port = ingress.value.from to_port = ingress.value.to protocol = ingress.value.protocol cidr_blocks = ingress.value.cidr_blocks } } egress { from_port… Read More Referencing Security Group in AWS via Terraform using Dynamic Block

I want using another SG’s port for SSH, not 22, but i get error. For example: resource "aws_security_group" "ws_sg" { name = "WS SG" vpc_id = "${aws_vpc.ws_net.id}" tags = { "Name" = "WS SG" } } resource "aws_security_group_rule" "inbound_ssh" { from_port = 28 protocol = "TCP" security_group_id = aws_security_group.ws_sg.id to_port = 22 type = "ingress"… Read More Terraform AWS How use Security Group's port another that 22 for SSH

I have an EC2 instance in public subnet with default NACL and try to connect to S3 bucket through internet. My EC2 has a IAM role that allows access to this S3 bucket. S3 bucket has no bucket policies. I want to connect to this S3 through HTTP, not HTTPS (for testing purposes). To do… Read More How to access S3 bucket through HTTP?