Make ELB public-facing but private: use VPCs, security groups & ACLs


We have an Elastic Load Balancer (ELB) defined in our stack.json file:

    "ElasticLoadBalancer": {
        "Type": "AWS::ElasticLoadBalancing::LoadBalancer",
        "Properties": {
            "CrossZone": "false",
            "SecurityGroups": [ { "Ref": "ElbSecurityGroup" } ],
            "Listeners": [
                {
                    "LoadBalancerPort": "80",
                    "InstancePort": "8080",
                    "Protocol": "http"
                }
            ],
            "Instances": [ { "Ref": "EC2Instance" } ],
            "Subnets": [ { "Ref": "SubnetId" } ]
        }
    }

and the EC2 instance running Jenkins is also in a public subnet.

We need to make the ELB privately accessible within our company network only, as ELB is generally used as a public-facing resource. How do we do that?

To make the ELB privately accessible within the company network only, we need to place the ELB in a private subnet instead of a public subnet. This can be done by modifying the “Subnets” property of the ElasticLoadBalancer resource in the stack.json file to include a private subnet instead of a public subnet. Additionally, the instances behind the ELB must also be in the same private subnet.
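As an added example (not part of the question or the answer above), here is a "before" and "after" version of the stack fragment as Python dictionaries, together with a small policy check a CI job could run over stack.json before deployment. The check covers the three controls the title names: the ELB's Scheme must be internal, the ELB's security group must only admit the corporate address range, and no security group may open the instance port (8080) to a CIDR, which would let clients bypass the load balancer. The corporate range 10.0.0.0/8, the resource names ElbSecurityGroup, JenkinsSecurityGroup, PrivateSubnetId and VpcId, and the contents of the security groups in the "before" template are assumptions; the question does not show them.

```python
"""Added example: internal-only classic ELB fragment plus a template policy check.
Not the original post's code. Names, CIDRs and the 'before' security groups are assumed."""
import ipaddress

CORP_CIDR = "10.0.0.0/8"  # assumed corporate address range; replace with yours
VPC = {"Ref": "VpcId"}    # assumed template parameter


def _sg(description, ingress):
    """Build an AWS::EC2::SecurityGroup resource (helper for the two fragments)."""
    return {
        "Type": "AWS::EC2::SecurityGroup",
        "Properties": {"GroupDescription": description, "VpcId": VPC,
                       "SecurityGroupIngress": ingress},
    }


def _elb(subnet_ref, scheme=None):
    """Build the AWS::ElasticLoadBalancing::LoadBalancer resource from the question."""
    props = {
        "CrossZone": "false",
        "SecurityGroups": [{"Ref": "ElbSecurityGroup"}],
        "Listeners": [{"LoadBalancerPort": "80", "InstancePort": "8080", "Protocol": "http"}],
        "Instances": [{"Ref": "EC2Instance"}],
        "Subnets": [{"Ref": subnet_ref}],
    }
    if scheme:
        props["Scheme"] = scheme  # classic ELB defaults to internet-facing when omitted
    return {"Type": "AWS::ElasticLoadBalancing::LoadBalancer", "Properties": props}


# "Before": the question's ELB in a public subnet, with security groups written the way
# they often are for a public ELB (constructed; the question does not show them).
BEFORE = {"Resources": {
    "ElbSecurityGroup": _sg("public ELB", [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0/0"}]),
    "JenkinsSecurityGroup": _sg("jenkins", [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080, "CidrIp": "0.0.0.0/0"}]),
    "ElasticLoadBalancer": _elb("SubnetId"),
}}

# "After": internal scheme, private subnet, corporate-only HTTP ingress, and Jenkins
# reachable on 8080 only from the ELB's security group (no CIDR rule at all).
AFTER = {"Resources": {
    "ElbSecurityGroup": _sg("internal ELB, corporate HTTP only", [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": CORP_CIDR}]),
    "JenkinsSecurityGroup": _sg("jenkins, from ELB only", [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "SourceSecurityGroupId": {"Ref": "ElbSecurityGroup"}}]),
    "ElasticLoadBalancer": _elb("PrivateSubnetId", scheme="internal"),
}}


def _covers(rule, port):
    """True if a security group rule's port range includes `port`."""
    return int(rule.get("FromPort", 0)) <= port <= int(rule.get("ToPort", 65535))


def find_elb_exposure(template, corp_cidr=CORP_CIDR):
    """Return a list of findings; an empty list means the ELB stays private."""
    findings = []
    corp = ipaddress.ip_network(corp_cidr)
    resources = template["Resources"]
    sgs = {name: res["Properties"].get("SecurityGroupIngress", [])
           for name, res in resources.items() if res["Type"] == "AWS::EC2::SecurityGroup"}
    for name, res in resources.items():
        if res["Type"] != "AWS::ElasticLoadBalancing::LoadBalancer":
            continue
        props = res["Properties"]
        # 1. Without Scheme: internal the ELB gets a public DNS name and public IPs.
        if props.get("Scheme", "internet-facing") != "internal":
            findings.append(f"{name}: Scheme is not 'internal'")
        # 2. Every CIDR rule on the ELB's security groups must sit inside the corporate range.
        for ref in props.get("SecurityGroups", []):
            for rule in sgs.get(ref["Ref"], []):
                cidr = rule.get("CidrIp")
                if cidr is None:
                    continue  # SG-to-SG rule, not a CIDR
                net = ipaddress.ip_network(cidr)
                if net.version != corp.version or not net.subnet_of(corp):
                    findings.append(f"{ref['Ref']}: allows {cidr}, outside {corp_cidr}")
        # 3. No security group may open an instance port to a CIDR; that bypasses the ELB.
        for listener in props.get("Listeners", []):
            port = int(listener["InstancePort"])
            for sg_name, rules in sgs.items():
                for rule in rules:
                    if rule.get("CidrIp") and _covers(rule, port):
                        findings.append(f"{sg_name}: instance port {port} open to {rule['CidrIp']}")
    return findings


if __name__ == "__main__":
    for label, template in (("before", BEFORE), ("after", AFTER)):
        print(label, find_elb_exposure(template) or "no findings")
```

Scheme, Subnets and the security groups are the three layers that matter here: the internal scheme removes the public addresses, the private subnets mean no route from an internet gateway, and the security groups bound who can talk to the ELB and who can talk to Jenkins directly. A network ACL on the private subnet that only admits the corporate range is a reasonable fourth, stateless layer, but it is coarser than the security groups and is best treated as defence in depth rather than the primary control.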