How to allow NLB on ECS Fargate service


I’m needing to deploy an API on ECS Fargate that uses an internet-facing network load balancer. After getting all this set up, the API deployed on ECS, and passing health checks, I’m noticing that I get a timeout error when I try to access the NLB DNS name in the browser. I think this may have to do with the firewall. The NLB doesn’t have a security group I can modify, so I’m wondering if I’ve set up the Fargate service security group correctly or if there’s anything else I can try. I’ve got 443, 8443, 80, 8080 just to cover a few in that security group.

The NLB is set up like the following: TCP 443 listener, and then the container is hosted on port 8443. My question is, does the timeout issue sound like this has something to do with the firewall, and if so, how do I allow the NLB on the ECS service sec group if that’s what’s needed? As of yet I’m unsure where to set the firewall configs for something like this since the NLB doesn’t have a security group.

There is 1 best solution below

> I’ve got 443,8443,80,8080 just to cover a few in that security group.

Ports 32768 to 61000 should be open in the security group for tasks in Fargate to allow the NLB to access the tasks, according to this page, if dynamic ports are used in the NLB and task definition.

Hope this helps.
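An added example, not part of the original question or answer: an offline check of which source addresses a task security group admits on the target port. An NLB forwards to the target port (8443 here, not the 443 listener), and the task sees either the NLB node's private IP (health checks, and client traffic with client IP preservation off) or the caller's own IP (preservation on). The rule sets, addresses and the helper names `rule`, `ingress_allows` and `check` are constructed for illustration; the rule dicts follow the EC2 `IpPermissions` shape.

```python
import ipaddress

TARGET_PORT = 8443  # container port from the question; the NLB listener is TCP 443

# Constructed sample addresses (assumptions, not from the original post)
VPC_CIDR = "10.0.0.0/16"
NLB_NODE_IP = "10.0.1.25"    # private IP of an NLB node in the VPC
CLIENT_IP = "203.0.113.10"   # a caller on the internet

def rule(lo, hi, cidr):
    """Build one TCP ingress rule in the EC2 IpPermissions shape."""
    return {"IpProtocol": "tcp", "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": cidr}]}

def ingress_allows(ip_permissions, src_ip, port, proto="tcp"):
    """True if any rule admits proto traffic from src_ip to port."""
    src = ipaddress.ip_address(src_ip)
    for perm in ip_permissions:
        if perm["IpProtocol"] != "-1":  # "-1" = all protocols, all ports
            if perm["IpProtocol"] != proto:
                continue
            if not perm["FromPort"] <= port <= perm["ToPort"]:
                continue
        if any(src in ipaddress.ip_network(r["CidrIp"])
               for r in perm.get("IpRanges", [])):
            return True
    return False

def check(ip_permissions):
    """Evaluate the two source addresses a task behind an NLB can see."""
    return {
        # health checks, and client traffic when client IP preservation is off
        "from_nlb_node": ingress_allows(ip_permissions, NLB_NODE_IP, TARGET_PORT),
        # client traffic when client IP preservation is on
        "from_client_ip": ingress_allows(ip_permissions, CLIENT_IP, TARGET_PORT),
    }

# The question's four ports, but reachable only from inside the VPC
VPC_ONLY = [rule(p, p, VPC_CIDR) for p in (443, 8443, 80, 8080)]
# Only the dynamic port range from the answer
DYNAMIC_ONLY = [rule(32768, 61000, "0.0.0.0/0")]
# The target port opened to the callers an internet-facing API expects
OPEN_TARGET = [rule(TARGET_PORT, TARGET_PORT, "0.0.0.0/0")]

if __name__ == "__main__":
    for name, perms in [("vpc_only", VPC_ONLY), ("dynamic_only", DYNAMIC_ONLY),
                        ("open_target", OPEN_TARGET)]:
        print(name, check(perms))
```

A rule set like `VPC_ONLY` passes health checks but drops outside callers whenever the task sees the client's own IP, and a rule covering only 32768 to 61000 does not admit traffic to a fixed target port of 8443.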