I have installed an App with Apache tomcat on AWS ec2 instance. I am able to access the tomcat url (which is server_name:8080/BOE/BI) from the AWS instance on Win2016. Also I installed IIS on the server.
Now what are the configurations I need to do to on AWS ec2 instance to access the URL from outside the AWS instance like from my personal PC.
I also tried disabling the firewalls, it did not helped.
You need to look at security groups. This will allow you to open up ports on your EC2 instance from the outside world.
Related
I'm writing an aspnet core app which can be deployed to either azure or aws. The Microsoft libraries for accessing azure logging / configuration sources are well-behaved and fail silently if they're not in an appropriate environment. However the AWS SDK blows up with and exception Unable to get IAM security credentials from EC2 Instance Metadata Service. if the providers are configured outside of AWS. Are there some environment variables I can look at to determine if my application is running in AWS so I can skip those?
All EC2 instances (and therefore all AWS hosting methods) have access to an instance meta-data http service running on a local-link address at http://169.254.169.254/latest/meta-data/. The best process I can come up with is to make a call to this service. If the call fails -- the process is not hosted on an EC2 instance.
I have an AWS environment where
for each client, there is a dedicated ec2 windows instance.
There is NO active directory; each ec2 instance is like in its own workgroup.
Each instance is deployed on its own dedicated VPC, security group etc.
Clients use RDP to connect from their site to the ec2 instances whenever required over port 3389.
The clients' ip addresses are known upfront and we open port 3389 to allow RDP connection.
Now we want to introduce the RDP using SSL (port 443)
The typical guides from Amazon and other books walk thru setting up a RD Gateway in a SEPARATE ec2 instance and use that as the jump box.
https://docs.aws.amazon.com/quickstart/latest/rd-gateway/architecture.html#best-practices
This is all good except that,
I do not want to have an additional ec2 within each VPC.
(I understand that there are other options to have a centralized RD Gateway in its own vpc and then using VPC peering etc. But I don't want to go that route for various reasons).
So, my question is:
Is it possible to setup the RD gateway directly on the ec2 instance to
which I ultimately want to RDP into ? and use SSL(port 443) for
connecting thru RDP?
Thanks in advance.
I tried this out successfully. I created an EC2 windows 2016 server.
I installed RD gateway using the powershell command.
Install-WindowsFeature RDS-Gateway -IncludeManagementTools
Then I launched the RD gateway manager.
configured the CAP and RAP to allow my Remote Desktop Users to access any resource.
Used the ssl certificate which I created using certroot in linux.
From aws console, opened the port 443 in the security group to allow connections from my public to the ec2 instance. (No other ports were opened).
From my local computer, I setup a RDP connection such that:
The RD Gateway server setting had the RD gateway server name (ex. poc.mydomain.com)
This should match the ssl certificate.
The remote computer name was specified as "localhost" (implying that the same server needs to be connected to).
After providing the right credentials, I was connected the the ec2 instance using RDP.
I have an Express API server running on localhost on my own machine. How do I make it accessible from the Internet and not just my own machine?
Preferably, it would be deployed on AWS.
In AWS there are multiple ways of hosting your express application based on flexibility vs convenience.
AWS Elastic Beanstalk:
This will provide you more convenience by creating an autoscaling and loadbalancing environment with version management and roll back support from one place in AWS web console. Also provide you IDE support for deployments and CLI commands for CI/CD support.
AWS ECS:
If you plans to dockerize your application(Which I highly recommend) you can use AWS ECS to manage your docker cluster with container level Autoscaling and loadbalancing support for more convenience. This also provides CLI for CI/CD.
AWS EC2:
If you need more flexibility, you can get a virtual server in AWS and also manually configure autoscaling and loadbalancing which I prefer as the least option simply for a web app since you have to do most of the things manually.
All this services will provide you with publicly accessible URL if you configure them properly to grant access from outside. You need to configure networking and security groups properly either exposing the loadbalancer or instance IP/DNS URL to the outside.
I'am quite new to setting up and managing websites, domains and stuff.
I purchased a domain (let's say example.de) and registerd it on my vserver running Parallels Plesk. As I need secure access I requested and created a SSL-Certificate at startssl.com. The developed application (Spring-Boot) runs on an EC2-Instance at AWS. The Product-Website runs on an Apache-Webserver on an EC2 instance. I need to secure both, the App (app.example.de) and the Website (example.de) using SSL.
What I want to archive is a redirect from the domain https://example.de to the EC2 Instance. I already tried several things - some I remember from the try&error marathon
Configure Plesk frame-forwarding the traffic on https://example.de to the ec2-ip
Obviously the Browser warns me that the Certificate is issued for example.de and not for and classifies the traffic as unsecure. Same like when accessing it like https://...
I also uploaded the certificate at Plesk - Also without success
Is there a solution for my setup? Or do I need (or is it recommened) to use Amazon Route53 for that task? Would be nice if someone could guide me and provide some tipps as I am pretty new to this topics.
Thanks
It seems there is no way around AWS route 53.
I figured out that there is a Extension for Plesk that is designed to route traffic using route53 and even a nice manual article at the Plesk homepage how to use any external DNS and also Route53 Extension. As this Extension requires a newer version of Plesk, than that one I am using I wasn't able to install it. I am pretty much bound to this version, so an update didn't come into question. I cannot tell for sure if using this Extension solves my initial problem, but it seems to be a potential solution.
The most simplistic solution (at least for me):
I ended up moving my Domain the AWS, created a Hosted-Zone, Added a Record Set with the IP of the EC2 and the DNS Server provided due the hosted Zone. Everything is now working like a charm.
Some more Background: The Product-Website and App-Frontend are running inside an Apache where I installed mod_ssl and configured SSL access. The Application backend runs as a Spring-Boot-App in a Tomcat where I also configured SSL using a TomcatConnectorCustomizer.
This setup works for my scenario
We are using an ec2 instance with windows 2012 just installed Apache 2.4 with an elastic IP.
I can log on using Remote desktop just fine. We can access the webserver locally using localhost but we cannot access it from outside. We have even tried opening up all ports and all IPs to make sure we didn't do anything wrong.
WE have worked with Linux servers like Ubuntu in the past on EC2 instances. Even though we are familiar with AWS Firewall and Security Groups we did miss that Windows has its own Firewall. Changing the Windows Firewall rules was the solution.