Configuring service access will allow you to access the configuration of the permissions and users that will generate the infrastructure, that is, the servers with EC2 and the network load balancer as we mentioned above.
To configure access to the service you must:
Next, you will need to specify the IAMs associated with the EBS server deployment. To do this, you will need to have the “aws-elasticbeanstalk-service-role” in place. To configure the effective pakistan mobile numbers list aws-elasticbeanstalk-ec2-role for Elastic Beanstalk, you can follow these steps:
Navigate to IAM: Go to the IAM (Identity and Managed Access) service.
Select Roles: In the left navigation panel.
Find the role: In the list of roles, find or create the aws-elasticbeanstalk-ec2-role role.
Edit role permissions: Select the role and click "Attach Policies".
Attach the necessary policies: For Elastic Beanstalk to work properly, make sure that the role has at least the necessary permissions to access the required resources, such as S3, EC2, etc. If it does not have permissions by default, you must make sure to attach these 3 permissions ( AWSElasticBeanstalkMulticontainerDocker, AWSElasticBeanstalkWebTier, AWSElasticBeanstalkWorkerTier).
Review and apply changes: Once you have attached the necessary policies, review the changes and click "Attach Policies" to apply them.
And also configure the service role that will manage the EBS “aws-elasticbeanstalk-service-role” in IAM.
Navigate to IAM: Go to the IAM (Identity and Managed Access) service.
Select Roles: In the left navigation panel.
Find the role: In the list of roles, find or create the aws-elasticbeanstalk-service-role role.
Edit role permissions: Select the role and click "Attach Policies".
Attach the necessary policies: For Elastic Beanstalk to work properly, make sure that the role has at least the necessary permissions to access the required resources such as S3, EC2, etc. If it does not have permissions by default, you must make sure to attach these 5 permissions (AWSElasticBeanstalkEnhancedHealth, AWSElasticBeanstalkManagedUpdatesCustomerRolePolicy, AWSElasticBeanstalkMulticontainerDocker, AWSElasticBeanstalkWebTier, AWSElasticBeanstalkWorkerTier).
Review and apply changes: Once you have attached the necessary policies, review the changes and click "Attach Policies" to apply them.
Once you have all the permissions created, you can select them:
2.3. Configure networks
This point is the most relevant to ensure that your backend will be private and will only have access to the internal network that we created in step 1.
Choose the VPC we created in step 1.
Select from the subnets only those that are Private.
2.4. Load balancer network configuration
We move on to configure the “Load Balancer”, the rest of the configuration regarding the server instance I leave to your taste, in this example we leave it by default. Let’s see the detail to configure the load balancer.
Select “Visibility” = “Internal”. This will protect the infrastructure in case the subnet is not selected correctly.
Next, you will need to select the Subnet under which the load balancer will be connected. Here you will also need to select the Private Subnets so that only the API Gateway can access them.
Now it’s time to select the load balancer type, choose “Network load balancer”. The VPC link from the API Gateway will only work with network load balancers.
Configure any other details you feel are necessary for your backend environment such as environment variables etc and then click “Create Environment”.