This message was deleted Pulumi Community #aws

Join Slack

This message was deleted.

# aws

sparse-intern-71089

10/08/2020, 9:46 PM

This message was deleted.

billowy-army-68599

10/09/2020, 4:34 AM

hey Karl. Sorry for the delay in responding. Can you share the code you're using to deploy? it'll really help with debugging

quick-finland-93793

10/09/2020, 7:17 AM

Your service (Target of your TargetGroup) gets assigned with a security group - this group determines which resources/IPs/etc... are allowed to access your service. As the TargetGroup performs Healtchecks at Port 8080 your SecurityGroup has to allow an ingress on port 8080. Ideally you want to allow ingress on Port 8080 for the resources of the ALB securityGroup.

quick-finland-93793

10/09/2020, 7:18 AM

E.G. ALB got

sg-<someID>

your service should contain an ingress rule on port 8080 with Source of the ALB SecurityGroup

nice-policeman-63970

10/09/2020, 8:28 AM

here's the relevant part of the code: https://gist.github.com/karlsander/7b257ab62a2add111e40e39b86ab48ad

nice-policeman-63970

10/09/2020, 8:33 AM

Thanks for the explanation about the rules. I'm still not sure how to best express that in my code. Do I declare this rule seperately, and connect it to my service? What causes the (wrong?) automatic creation of the rule for 443 and can I fix that instead?

nice-policeman-63970

10/09/2020, 8:38 AM

here's a snippet that can be deployed that should exhibit the same behaviour https://gist.github.com/karlsander/5f78bc114258b9f6d15c225d015a349e (it does still require a database url to start and pass health checks)

2 Views

Open in Slack

Previous Next