Question: ECS doesn't support private subnets?

Asked By
Asked At
2018-02-14 20:08:05

Found 15 possible answers.

User Answered At Possible Answer
rlister 2018-02-14 20:08:53 ECS service requires routing to internet, so you need either a route, IGW and public IP, or a NAT
konrad 2018-02-14 20:08:56 It does, but I think you need to set up a NAT route in that case It just feel so exposed right now with the public ip :smile:
rlister 2018-02-14 20:09:46 turn on GuardDuty … you may feel worse :slightly_smiling_face:
konrad 2018-02-14 20:10:19 :smile:
rlister 2018-02-14 20:10:34 we really need a vpc endpoint for ECS
konrad 2018-02-14 20:13:28 Turned on Guard Duty, no traffic to analyze... I do feel worse now
rlister 2018-02-14 20:27:14 It takes 24 hours or something to populate. Then you find out how good your security groups are :slightly_smiling_face:
patrickdayton 2018-02-14 20:34:20 You could also use Trusted Advisor to see which SGs are a wee bit too exposed. Not a bad idea to use, especially since the basic level is free
rlister 2018-02-14 20:37:00 Yep, big fan of Trusted Advisor. Also AWS Config, with most of the default rules.
konrad 2018-02-14 20:39:41 Is there a way to redirect ALB from HTTP to HTTPS without something like Nginx sitting behind the load balancer?
nocode 2018-02-14 20:40:07 at the moment, no i just throw this in the default target for port 80
david.bailey 2018-02-14 20:43:19 I’m not familiar at all w/nginx but can that not be done in the conf file for the site?
rlister 2018-02-14 20:44:09 conf file?
david.bailey 2018-02-14 20:44:40 Hmm, I think my mind went somewhere different after reading that again..nevermind lol
paladugu27 2018-02-15 00:18:57 I am trying to create an automated deployment using code pipeline to deploy my application on AWS EC2 instances from GitHub. My application is using RDS MySQL instance. Does anyone here has experience on how to automatically deploy the MySQL changes using AWS code pipeline or any other ways?

Related Questions