I have created a Flask app using Fargate ECS.
On this setup, I have a security group attached to the load balancer where I can adjust the inbound rules with the IPs that I want to have access to this app. That works OK.
However, what I want is to attach authentication credentials to the Fargate in order to give access to those who have these tokens, instead of using the IP rules that I am using now.
Is there a way to do it in AWS, or do I need to do it internally in the Flask app?
Thanks
Related
I am running an AWS EKS cluster, and in it there are multiple applications running. My EKS is in a private subnet, so to access those applications I am using a VPN and creating internal ALBs to access some application dashboards in the browser. I am able to get their dashboards in the browser, but now I am trying to make a single ALB to access all these applications.
I want to configure a single ALB, and with that I want to call my application, which is running in my EKS cluster.
Suppose I have an application uiserver running in my EKS cluster. I want an ALB on which I call alburl/uiserver/somequery, and then it will direct me to alburl/somequery and also call my specific service uiserver.
I am not finding anything on how to configure this. If anyone has any idea about configuring this type of ALB, then please reply.
Thanks
I have an API on an AWS EC2 instance with the route domain.com/api. And I have deployed a NextJS app on Amplify which I want to show on the home page of my domain.com. How do I use CloudFront to distinguish between the two and send resources accordingly?
I have managed to set up CloudFront, but it is throwing an access denied error. I have also set up a load balancer for my EC2 instance. What might be wrong here?
The API on EC2 and the app on Amplify are working independently. I have checked them both.
We have a Spring Boot application running as a single instance (there is no load balancer) on AWS Elastic Beanstalk.
The question is how to protect/block the /actuator path so that only admins can access it.
You can't without a load balancer.
With ALB you can configure some settings to restrict access, but not with custom authentication.
We want to secure Spring Boot actuator endpoints inside AWS. The requirement is not to use the application.yml properties provided by Spring Boot, and to secure them using just AWS and VPC and/or load balancer configuration. And then, how can we allow internal users who are coming from the VPN to access those endpoints?
For example /actuator/* endpoints
Not sure if it's what you are looking for, but you can use an Application Load Balancer in AWS to allow / deny IPs to certain URLs on your application.
https://aws.amazon.com/es/blogs/aws/new-advanced-request-routing-for-aws-application-load-balancers/
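The path-plus-source-IP restriction this answer points to, as an added example that is not part of the original post: listener rules in the shape boto3's `elbv2.create_rule` accepts, plus a small local evaluator to check them before deploying. The VPN CIDR, the target group ARN placeholder, the priorities and the forwarding default action are assumptions.

```python
import fnmatch
import ipaddress

# Assumed values, not from the page: replace with your own.
VPN_CIDR = "10.8.0.0/16"
TARGET_GROUP_ARN = "arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:targetgroup/PLACEHOLDER"


def actuator_rules(vpn_cidr=VPN_CIDR, tg_arn=TARGET_GROUP_ARN):
    """Build two listener rules; each dict can be passed to
    elbv2.create_rule(ListenerArn=..., **rule)."""
    path = {"Field": "path-pattern",
            "PathPatternConfig": {"Values": ["/actuator", "/actuator/*"]}}
    # source-ip matches the address that connects to the ALB, not X-Forwarded-For.
    src = {"Field": "source-ip", "SourceIpConfig": {"Values": [vpn_cidr]}}
    deny = {"Type": "fixed-response", "FixedResponseConfig": {
        "StatusCode": "403", "ContentType": "text/plain", "MessageBody": "Forbidden"}}
    return [
        # Evaluated first: actuator paths from the VPN range reach the app.
        {"Priority": 10, "Conditions": [path, src],
         "Actions": [{"Type": "forward", "TargetGroupArn": tg_arn}]},
        # Evaluated second: every other caller of actuator paths gets a 403.
        {"Priority": 20, "Conditions": [path], "Actions": [deny]},
    ]


def _matches(cond, path, client_ip):
    if cond["Field"] == "path-pattern":
        # ALB wildcards are * and ?; fnmatchcase approximates them, case-sensitively.
        return any(fnmatch.fnmatchcase(path, p)
                   for p in cond["PathPatternConfig"]["Values"])
    if cond["Field"] == "source-ip":
        ip = ipaddress.ip_address(client_ip)
        return any(ip in ipaddress.ip_network(c)
                   for c in cond["SourceIpConfig"]["Values"])
    raise ValueError(f"unsupported condition: {cond['Field']}")


def evaluate(rules, path, client_ip, default="forward"):
    """Return the action type of the first matching rule, lowest priority number
    first; `default` stands in for the listener's default action (assumed)."""
    for rule in sorted(rules, key=lambda r: r["Priority"]):
        if all(_matches(c, path, client_ip) for c in rule["Conditions"]):
            return rule["Actions"][0]["Type"]
    return default
```

The allow rule needs the lower priority number; if the deny rule is evaluated first, VPN users are blocked as well.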
I'm new to AWS, and I want to deploy a web application on an EC2 instance.
So far I've tried Elastic Beanstalk, but AWS always requires me to create a new Environment for the application instead of letting me choose an existing EC2 instance that I've created before.
Actually, my main purpose is to set a policy group that allows HTTPS access, and I don't know how to set it on the "Environment" instance.
Any help is greatly welcome. :)
That is not currently viable, as you'd need to set up an AMI based on your instance and use a custom AMI for Beanstalk, and that is not a trivial task. If you need to run a custom environment in Elastic Beanstalk, using Docker would be much easier.
But none of that is required to set a security group allowing HTTPS; you can configure security groups and HTTP/S listeners for ELBs in your Environment configuration.