Restrict HTTP Access to Elastic Beanstalk
I have restricted HTTP access to an Elastic Beanstalk application to only certain IP addresses.
Following is my procedure.
Create new beanstalk environment in the VPC(Amazon Virtual Private Cloud).
Please read following documents.
Using AWS Elastic Beanstalk with Amazon VPC
Example: Launching an AWS Elastic Beanstalk Application in a VPC
note: I tried to create a new beanstalk environment(Tomcat) in the VPC using AWS Tookit for Eclipse last month. But I could not create a new beanstalk environment due to the bug of AWS Toolkit for Eclipse. Finally, I could create a new beanstalk environment using a elastic-beanstalk-create-environment command. Therefore I recommend to use elastic-beanstalk-create-environment command.Create a new Network ACL(VPC's function) and open the inbound tab and configure to restrict source IP addresses. Set this Network ACL to the subnet of VPC which have a beanstalk's ELB.
I was able to restrict access to certain IP from a security group. I you look at an EC2 instance of your application the security group points to another one (see below).
Find this other security group, which is the one of the elastic load balancer. If you add inbound IP rules to this SG it will be applied to your application.
Hope this help.