By default, the Ryft Elasticsearch instance uses a security group with 9 ports that are left open, and the Toolkit instance uses a security group with 7 ports left open. 3 Elasticsearch ports and 2 Toolkit ports must be changed to restrict them to the internal private IP domain for inbound traffic.
On Ryft Elasticsearch instances, restrict these 3 ports:
On Ryft Toolkit instances, restrict these 2 ports:
If you are launching more than one instance using the same security group, you only need to perform this action a single time. Once done, any future instances using the same security group inherit the restrictions.
Follow these steps to restrict the security group assigned to an Elasticsearch instance (3 ports):
- From the EC2 Console select your running instance. View the Description information at the bottom of the screen, and click the Security Group name.
- The Security Group details page displays. Click the Inbound tab to see all of the inbounds. Copy the group ID shown. Click Edit.
- Change the Inbound rules to match the Group ID on port 9300, port 8500, and ports 8300-8600 by pasting the copied Group ID into the right-most field, as shown.
- Click Save.
Follow the same steps to limit the 2 ports for Ryft Toolkit instances.
Next Step: Download Release Update & Install