Create Network Load Balancer
You next create a Network Load Balancer that passes through the unencrypted traffic from the VPC Link to Aplication Load Balancer.
1. Go to AWS EC2 console.
2. In the left sidebar,
- Choose Load Balancers.
- Click Create load balancer dropdown.
- Select Create Network Load Balancer.
3. In the Basic configuration section,
- For Load balancer name, enter
fcj-nlb. - For Scheme, choose Internal.
4. In the Network mapping section,
- For VPC, choose VPC named
fcj. - For Availability Zones, select subnets fcj-private-01 and fcj-private-04, corresponding to AZs us-east-1a and us-east-1b, respectively.
5. In the Security groups section, select fcj-nlb.
6. In the Listeners and routing section, click Create target group to go to the Create target group console. You will go back this section later to continue the load balancer configuration.
7. In the Basic configuration section,
- For Choose a target type, choose Application Load Balancer.
- For Target group name, enter
tg-alb.
8. Scroll down to the bottom, click Next.
9. In the Register Application Load Balancer section,
- For Application Load Balancer, enter
fcj-alb. - Click Create target group.
10. Back to the Listeners and routing section in step 6, choose the target group named tg-alb.
11. Scroll down to the bottom, click Create load balancer.
12. Note down the DNS name of Network Load balancer for later use.
13. Scroll down to the bottom,
- Select Security tab.
- Click Edit.
14. In the Security setting section,
- Turn off Enforce inbound rules on PrivateLink traffic.
- Click Save changes.
The Network Load Balancer is internal and cannot be accessed publicly. You might need an AWS API Gateway with VPC Link configuration to connect to the Network Load Balancer.