guardian / status-app

Guardian AWS Applications Status App
Apache License 2.0

Create security group for load balancer #27

Closed kenoir closed 9 years ago

kenoir commented 9 years ago

This PR creates a security group for the load balancer, rather than rely on one existing.

philwills commented 9 years ago

Hmm, that certainly used to be a 'magic' AWS name that just worked. My guess would be that this was a VPC thing, but I thought I had in the changes that @rtyley made so that membership could work on VPC.

rtyley commented 9 years ago

I never got as far as actually pull-requesting the changes, so unfortunately they were never merged!

https://github.com/guardian/status-app/tree/vpc-cloud-formation

philwills commented 9 years ago

OK, assuming @kenoir that you've tried it and it runs successfully, I'm happy to merge.

kenoir commented 9 years ago

@philwills we're using this CF to run the app in the workflow AWS account. I'm not sure about backwards compatibility though.

philwills commented 9 years ago

Just tried applying this to the Ophan version which is in EC2 classic and got "Security groups can be applied to only ELBs in VPC.", which is a bit of a pain. I think for the moment we probably need to parameterise this, or have two templates, though neither of those options is terribly appealing.

We have been talking about moving everyone over to VPC as Amazon is definitely pushing us that way.

kenoir commented 9 years ago

@philwills I went down the path of trying out conditions in the CF, work in progress: https://gist.github.com/kenoir/2a95ef5849bc6d012450

kenoir commented 9 years ago

@philwills after playing about I think trying to squeeze all the options (use vpc?/use ssl cert on load balancer?) is too complicated. I've created another CF config instead.
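
Added example, not part of the thread and not the project's template or the linked gist: a sketch of the "conditions in the CF" approach discussed above, written in CloudFormation YAML so it can carry comments. The load balancer security group is created and attached only when a VPC is supplied, which avoids the "Security groups can be applied to only ELBs in VPC." error in EC2 Classic. All parameter names, logical IDs, ports and the default CIDR are assumptions.

```yaml
# Added example: every name, port and default below is an assumption,
# not taken from the status-app repository.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  VpcId:
    Type: String
    Default: ''
    Description: VPC to deploy into; leave empty for EC2 Classic
  Subnets:
    Type: CommaDelimitedList
    Default: ''
    Description: Subnets for the load balancer (VPC only)
  AllowedCidr:
    Type: String
    Default: 10.0.0.0/8
    Description: Source range allowed to reach the load balancer
Conditions:
  InVpc: !Not [!Equals [!Ref VpcId, '']]
Resources:
  LoadBalancerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Condition: InVpc            # not created at all in EC2 Classic
    Properties:
      GroupDescription: Ingress to the load balancer
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: !Ref AllowedCidr   # scope this, rather than 0.0.0.0/0
  LoadBalancer:
    Type: AWS::ElasticLoadBalancing::LoadBalancer
    Properties:
      Listeners:
        - LoadBalancerPort: '80'
          InstancePort: '8080'
          Protocol: HTTP
      # VPC: subnets plus security group. Classic: availability zones only.
      Subnets: !If [InVpc, !Ref Subnets, !Ref 'AWS::NoValue']
      AvailabilityZones: !If
        - InVpc
        - !Ref 'AWS::NoValue'
        - !GetAZs ''
      SecurityGroups: !If
        - InVpc
        - - !GetAtt LoadBalancerSecurityGroup.GroupId
        - !Ref 'AWS::NoValue'    # omits the property so Classic accepts the ELB
```

Each further toggle, such as the SSL certificate option mentioned in the thread, adds another condition and more `!If` branches on the listener, which is the complexity the final comment refers to.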