Setting up Amazon Elastic Beanstalk app without public IP

Question

We have an internal network that is connected to our vpc through a vpn connection. We use only private IPs to get around, and the VPC has a NAT for internet access for our instance. We try to not to have an any public IP on our instances.

I love the ease of deploying to beanstalk, So I've been trying really hard to use it as a single-instance not load balancing.

However no matter what I do it forces me to have a public dns and public elastic IP, even if you unclick 'Associate Public IP Address' Whats Worse is, It doesn't even let me disassociate it manually, Just keeps adding it back on.

Is there anyway to use beanstalk ONLY inside your VPC and not give it a public address?? If No, why the heck not?

Answer 1

This isn't possible to do using Single Instance configuration. The work around was using the load balancer, selecting visibility internal, and then when the Environment is built, Terminate the load balancer. It will then be a single instance, and not have a public IP;

Edit: So the Load Balancer will eventually add itself back.

Also to note: if you remove the beanstalk security group from your instance and add a security group that doesn't allow access from the ELB, The ENV in beanstalk will look red but it will work fine. but if The ENV is red for over 2 weeks, beanstalk automatically terminates the instance, Rebuilding ENV will not work afterwards.

There is currently no way to deploy a single instance without a public IP using elastic Beanstalk short of maybe writing a lambda script that strips the elastic ip ever minute.

[UPDATE:::]

If you disassociate the EIP you have about 5 seconds to release it,if you do it will not be reattached. it with will not cause the env to terminate and will be gone forever. YAY (untill you rebuild)

Answer 2

Have you looked at the tutorial Example: Launching an Elastic Beanstalk in a VPC with Amazon RDS? Specifically, check the ELB visibility configuration and make sure that is set to Internal.

Copied from Deploying with the Elastic Beanstalk Console:

ELB visibility

Select External if your load balancer should be publicly available, or select Internal if the load balancer should only be available within your VPC.

Please study the rest of the tutorial for more details.