Connect to AWS EC2 via ELB (ALB)
Restrict access to EC2 so that it can only be reached via the ELB (load balancer).
EC2 residing on a private subnet can only be accessed via the ALB.
- VPC and EC2 are assumed to have been built
- It is assumed that Apache is installed on EC2
Select “Load Balancer” in the EC2 service and click “Create Load Balancer”.
Click “Create” under “Application Load Balancer”.
Click on “Next Steps: Configure Security Settings”.
Click on “Next Steps: Configure Security Groups”.
Select a security group in which only port 80 is open.
Click on “Next Steps: Routing Configuration”.
Click on “Next Steps: Register Targets”.
Click on “Next Steps: Confirmation”.
Click “Create” in step 6 to complete load balancer creation.
Change EC2 security group
In the inbound rules of the EC2 security group, set the source for port 80 to the security group of the load balancer you just created.
You will now access port 80 of EC2 via ELB.
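To check the result of this step, the following added example (not part of the original page) audits a security group's inbound rules, in the shape printed by `aws ec2 describe-security-groups`, and reports every source other than the load balancer's group that can reach port 80. The group IDs and sample rules are constructed placeholders, and the function names are this example's own.

```python
# Constructed sample data in the shape of the "IpPermissions" list printed by
# `aws ec2 describe-security-groups`. All group IDs are made-up placeholders.
ALB_SG = "sg-0aaaaaaaaaaaaaaaa"   # placeholder: the load balancer's group

def rule(proto, lo, hi, cidrs=(), groups=()):
    """Build one constructed ingress rule for the samples below."""
    return {"IpProtocol": proto, "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": c} for c in cidrs], "Ipv6Ranges": [],
            "PrefixListIds": [],
            "UserIdGroupPairs": [{"GroupId": g} for g in groups]}

GOOD = [rule("tcp", 80, 80, groups=[ALB_SG])]
BAD = GOOD + [rule("tcp", 0, 1024, cidrs=["0.0.0.0/0"]),   # range includes 80
              rule("tcp", 22, 22, cidrs=["10.0.0.0/16"])]  # not port 80

def covers_port(r, port):
    """True if the rule's protocol and port range include the TCP port."""
    if r.get("IpProtocol") == "-1":      # "-1" = all protocols, all ports
        return True
    if r.get("IpProtocol") != "tcp":
        return False
    return r.get("FromPort", 0) <= port <= r.get("ToPort", 65535)

def audit_ingress(ip_permissions, alb_sg_id, port=80):
    """List every way the port is reachable other than from the ALB group."""
    findings, alb_allowed = [], False
    for r in ip_permissions:
        if not covers_port(r, port):
            continue
        findings += [f"CIDR source {x['CidrIp']}" for x in r.get("IpRanges", [])]
        findings += [f"CIDR source {x['CidrIpv6']}" for x in r.get("Ipv6Ranges", [])]
        findings += [f"prefix list source {x['PrefixListId']}"
                     for x in r.get("PrefixListIds", [])]
        for g in r.get("UserIdGroupPairs", []):
            if g["GroupId"] == alb_sg_id:
                alb_allowed = True
            else:
                findings.append(f"security group source {g['GroupId']}")
    if not alb_allowed:
        findings.append(f"{alb_sg_id} is not allowed on port {port}")
    return findings

if __name__ == "__main__":
    for name, perms in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_ingress(perms, ALB_SG) or "only the ALB group")
```

An empty result means port 80 is reachable only from the load balancer's security group; a wide port range such as 0-1024 is flagged because it includes port 80.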
Accessing EC2 via CloudFront
Set the DNS name of the ELB to Origin Domain Name.
Since HTTPS will not be used this time, select “HTTP Only” and “HTTP and HTTPS” for the protocol settings.
For SSL Certificate, select Default.
Finally, click “Create Distribution” to complete the process.
You can confirm that the Apache page on EC2 is displayed via the ELB, although over HTTP.
Create a subdomain
Incidentally, you can create a subdomain by registering the ELB’s DNS name as an Alias in a Route53 A record.