
The frontend is using the backend URL as OMR_SERVICE_URI=https://example.com/mat/api/v1.

We are constructing an ALB on AWS to expose only the web endpoint. We specified the registered target as the AWS EC2 instance on which the backend service is running.

We also passed the listener rules with /mat/* by using Security Groups so that access to the backend service endpoint is successful.

We are aware that OMR_SERVICE_URI is open, and the URL can be accessed from the internet.

How can we prevent access to the backend service from the internet when the web application is accessed via the ALB?

klee
  • If I understood correctly, all you want is that people from the internet should access the application from the ALB only, and they should not be able to access your app from the backend. So for this, simply have 2 separate security groups: one for the ALB and one for the backend EC2 instance. The ALB SG should have an inbound rule for all traffic, and the EC2 SG should have an inbound rule allowing traffic from the asg SG. This is called security group referencing. So the EC2 SG will allow only traffic from the asg SG. – Jatin Mehrotra May 06 '21 at 03:49
  • Posted a solution to a similar problem; I think it will help :) https://stackoverflow.com/a/67356701/13126651 – Jatin Mehrotra May 06 '21 at 06:12
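
An added example (not part of the question or the comments): a Python check that a backend instance's security group admits inbound traffic only from the ALB's security group, which is the security group referencing the first comment describes. The group IDs, port 8080 and both rule sets are constructed; the dictionaries follow the shape of `aws ec2 describe-security-groups` output.

```python
# Sample data below is constructed; it mirrors the JSON shape returned by
# `aws ec2 describe-security-groups` (IpPermissions / IpRanges / UserIdGroupPairs).
ALB_SG = "sg-0aaaaaaaaaaaaaaaa"      # placeholder ID for the ALB security group
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}


def audit_backend_sg(backend_sg, alb_sg_id):
    """Return findings for inbound rules that admit anything other than the ALB SG."""
    findings = []
    for perm in backend_sg.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        ports = "all" if proto == "-1" else f"{perm.get('FromPort')}-{perm.get('ToPort')}"
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            kind = "open to internet" if cidr in OPEN_CIDRS else "CIDR source"
            findings.append(f"{kind}: {cidr} ports {ports}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] != alb_sg_id:
                findings.append(f"unexpected source group: {pair['GroupId']} ports {ports}")
        for pl in perm.get("PrefixListIds", []):
            findings.append(f"prefix list source: {pl['PrefixListId']} ports {ports}")
    return findings


# Constructed "before": the backend port is reachable from anywhere.
BACKEND_OPEN = {
    "GroupId": "sg-0bbbbbbbbbbbbbbbb",
    "IpPermissions": [{
        "IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
        "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [],
        "UserIdGroupPairs": [], "PrefixListIds": [],
    }],
}

# Constructed "after": the only inbound source is the ALB security group.
BACKEND_REFERENCED = {
    "GroupId": "sg-0bbbbbbbbbbbbbbbb",
    "IpPermissions": [{
        "IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
        "IpRanges": [], "Ipv6Ranges": [],
        "UserIdGroupPairs": [{"GroupId": ALB_SG, "UserId": "111111111111"}],
        "PrefixListIds": [],
    }],
}

if __name__ == "__main__":
    for name, sg in (("before", BACKEND_OPEN), ("after", BACKEND_REFERENCED)):
        print(name, audit_backend_sg(sg, ALB_SG) or "OK: only the ALB SG can reach the backend")
```

The check is strict: any CIDR, prefix list or other security group allowed inbound on the backend is reported, so an administrative rule such as SSH from a fixed address range also appears as a finding to review.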

0 Answers