 

AWS Cloudfront and ELB Security Groups

Does anyone know how to add your CloudFront distro into the security group inbound rules for an ELB?

We have a CloudFront distro set up for a new site which has a whitelisted set of security group rules for its origin. I can't see how to configure the security group to allow requests from the CloudFront distro...

Any ideas?

rabs asked Mar 05 '14 04:03



1 Answer

Beginning February 2022, you should use AWS Managed Prefix List. They are a list of IPs managed by AWS, and kept up to date by them, that you can use in your route tables and security groups.

Be advised, the Amazon CloudFront managed prefix list counts as 55 rules in a security group. The default quota is 60 rules, leaving room for only 5 additional rules in a security group. You should request a quota increase for this quota. It counts as 55 routes in a route table. The default quota is 50 routes, so you must request a quota increase before you can add the prefix list to a route table.

rpadovani answered Sep 28 '22 10:09

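The approach from the answer above done with the AWS CLI, as an added example that is not part of the original post: it looks up the CloudFront origin-facing managed prefix list, checks the rule quota the answer mentions, and adds one inbound rule to the ELB's security group. The security group ID and port are placeholders you supply, the 55 and 60 figures are the ones quoted in the answer, and the rule count is an approximation.

```bash
#!/usr/bin/env bash
# Added example: restrict an ELB security group to CloudFront origin-facing IPs.
# Usage: ./allow-cloudfront.sh apply <security-group-id> <port>

PL_NAME="com.amazonaws.global.cloudfront.origin-facing"  # AWS-managed prefix list
PL_WEIGHT=55   # rules the prefix list counts as (figure from the answer)
SG_QUOTA=60    # default rules-per-security-group quota (figure from the answer)

# fits_in_quota CURRENT_RULES [QUOTA]: succeeds if the prefix list still fits.
fits_in_quota() {
  [ $(( $1 + PL_WEIGHT )) -le "${2:-$SG_QUOTA}" ]
}

# ingress_permission PREFIX_LIST_ID PORT: value for --ip-permissions.
ingress_permission() {
  printf 'IpProtocol=tcp,FromPort=%s,ToPort=%s,PrefixListIds=[{PrefixListId=%s}]' \
    "$2" "$2" "$1"
}

allow_cloudfront() {
  sg_id="$1"; port="$2"
  # Resolve the prefix list ID (pl-...) for the current region.
  pl_id=$(aws ec2 describe-managed-prefix-lists \
    --filters "Name=prefix-list-name,Values=$PL_NAME" \
    --query 'PrefixLists[0].PrefixListId' --output text) || return 1
  # Approximate usage: each existing inbound rule is counted as 1. A rule that
  # already references a prefix list weighs more, so treat this as a lower bound.
  current=$(aws ec2 describe-security-group-rules \
    --filters "Name=group-id,Values=$sg_id" \
    --query 'length(SecurityGroupRules[?IsEgress==`false`])' \
    --output text) || return 1
  if ! fits_in_quota "$current"; then
    echo "$sg_id has $current inbound rules; adding $PL_NAME needs" \
         "$PL_WEIGHT more and exceeds the quota of $SG_QUOTA." \
         "Request a quota increase or use a dedicated security group." >&2
    return 2
  fi
  # One rule covers every CloudFront origin-facing range; AWS keeps it current.
  aws ec2 authorize-security-group-ingress --group-id "$sg_id" \
    --ip-permissions "$(ingress_permission "$pl_id" "$port")"
}

# Only touch AWS when explicitly asked to.
if [ "${1:-}" = "apply" ]; then
  allow_cloudfront "$2" "$3"
fi
```

Once the rule is in place, remove any remaining `0.0.0.0/0` inbound rule on the same port, otherwise the origin is still reachable without going through CloudFront.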