terraform-aws-elastic-beanstalk-environment icon indicating copy to clipboard operation
terraform-aws-elastic-beanstalk-environment copied to clipboard

Published 20 hours ago verified publisher icon cloudposse

Host not available despite having public IP

Open jakubgs opened this issue 5 years ago • 3 comments

I was trying to access my EB host behind the ELB but I found out that when checking with nmap all ports were filtered.

I did have the following settings:

  • ssh_listener_port set to "22"
  • ssh_listener_enabled set to "true"
  • ssh_source_restriction set to "0.0.0.0/0"
  • associate_public_ip_address set to "true"

And yet I could not access any of the open ports on the instance.

I also had these set for the subnet module:

  • nat_gateway_enabled set to "true"
  • map_public_ip_on_launch set to "true"

What did work was setting the private_subnets setting to use module.subnets.public_subnet_ids rather than module.subnets.private_subnet_ids.

(I found this out by adding a host to the same VPC manually but in the public rather than private subnet, and it had access.)

I was wondering if this is Intended behavior? And if so, maybe some additional documentation could help?

jakubgs avatar Jul 29 '19 22:07 jakubgs

Same problem for me. Only after using the module.subnets.public_subnet_ids for the private_subnets i can configure eb-cli to use eb ssh

ff6347 avatar Nov 05 '19 14:11 ff6347

ssh_source_restriction is a variable but is not implemented in the tf code, so I imagine the security group is not being updated with a port 22/tcp rule.

razorsedge avatar Mar 05 '20 22:03 razorsedge

+1 have the same issue Is there a solution without moving EBS to public subnet?

helllicht avatar Sep 13 '21 12:09 helllicht