Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

default "VPC Security Group" #93

Open
dcrockwell opened this issue Dec 11, 2016 · 1 comment
Open

default "VPC Security Group" #93

dcrockwell opened this issue Dec 11, 2016 · 1 comment

Comments

@dcrockwell
Copy link

When an environment is created, there's an automatically generated Security Group with the description of "VPC Security Group" and a pseudo-random name.

It automatically opens up SSH to everything, so I'm wondering if there's a way to override this.
@dermot
Copy link

dermot commented May 19, 2018

This isn't an eb_deploy issue. The cause is that Beanstalk by default creates
a Security Group that has SSH (22) open to the world (0.0.0.0/0). SSHSourceRestriction
can be used to limit SSH access to specific cidr's or a source Security Group
if using a bastion host. Here we are restricting to localhost. This value is
what will be used in the SecurityGroup created by Beanstalk.

    - namespace: aws:autoscaling:launchconfiguration
      option_name: SSHSourceRestriction
      value: tcp, 22, 22, 127.0.0.1/32 ```

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dcrockwell @dermot