Yes..but this might not be an option if your instance is in a private subnet...it also means handling all your IPS like this ( though in theory you don't need internal IPs, security group id/name would do as well...) - there r limits to how many rules you can add to a secgroup....
At the same time, adding eip would complicate the OP's apparent sec requirements ... On 20/11/2014 12:04 pm, <[email protected]> wrote: > I have the same problem yesterday. What I did is make elastic IP and > associate it with your ec2 instance. In the sercuity group you need open > both private Ip and the elastic IP. try it. > > On Wednesday, November 19, 2014 8:01:48 AM UTC-5, David Vasquez wrote: >> >> Hi everyone! >> >> I'm trying to configure tight security rules to my elasticsearch cluster >> meaning that the network access rules must be exactly what is needed. Now >> I've found that the EC2 Discovery plugin does a call to AWS ( >> ec2.us-east-1.amazonaws.com:443) and for that I would need to give >> internet access to my elasticsearch instances. >> >> That said, it means a big drawback for my security configuration because >> I cannot tie the call to a fixed IP, neither to a fixed port and hence my >> access rules would be wide open. >> >> Can you please tell me how do you manage this security issue on AWS? >> >> Thank you very much! >> > -- > You received this message because you are subscribed to the Google Groups > "elasticsearch" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/elasticsearch/17504959-fd11-4b16-ab3f-640a083c1b19%40googlegroups.com > <https://groups.google.com/d/msgid/elasticsearch/17504959-fd11-4b16-ab3f-640a083c1b19%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CACj2-4%2BripJ%3DmDUgH8VbXMAvFEQwGAbqWSwwS-Nm0TEeyUpOtw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
