I have two beanstalks and for both the ec2s are in a the same private subnet(so their vpc is the same as well). And I have their loadbalancers in the same public subnets.
One is called API and another UI. I need the API one just to give access to the UI one
so this is what I did:
1) The loadbalancer on UI will accept any external request so the security group there is widely open. and the Ec2 of the UI will accept the loadbalancer security group as follows:
2) The Ec2 of the beanstalk on UI needs to talk to the loadbalancer of API so the API security group should accept the security group of EC2 of UI beanstalk as a source
Now when I run the UI beanstalk to talk to API the security group of the loadbalancer on beanstalk wont allow it bur as soon as I add 0.0.0.0 to the security group of loadbalancer on API(which means open access to public) (and the Ec2 of the API beanstalk will talk to API loadbalancer which is work fine) then everything works fine.
Any idea how I can make it work?