Deploy Streamlit App behind Firewall on AWS EC2

Hi,

I’m trying to deploy an app on an EC2 instance thats behind a firewall, where only people on the company network/vpn can access it. Is this possible? I’m less familiar with networking so I’m not too sure how this can work if streamlit is supposed to be deployed on port 8501, which is what i’ve been seeing in most articles

Yes, you can do it. You need to bind it to the internal IP address of the EC2 instance, not the public IP. You can do this by creating the ~/.streamlit/config.toml file and adding the following:

[server]
headless = true
enableCORS = false
address = "0.0.0.0"  # Listens on all available interfaces
port = 8501

Subsequently, you must implement firewall rules by navigating to the Security Groups of your EC2 instance within the AWS Management Console. Verify that the Security Group permits inbound traffic exclusively from your company’s internal network or VPN.

If you require more advanced routing capabilities or wish to enhance the application’s security through HTTPS, you can utilize an internal load balancer or reverse proxy to redirect requests to your Streamlit application running on port 8501.