[英]Single AWS WAF on multiple ALB
My application architecture's allowed traffic flow is as below in AWS.我的应用程序架构允许的流量在 AWS 中如下所示。
CompanyInternalSubnets(IS)=>ALB with WAF=>EC2 CompanyInternalSubnets(IS)=>ALB with WAF=>EC2
ALB has security groups which allows only traffic from IS. ALB 具有仅允许来自 IS 的流量的安全组。 ALB has WAF which has rules to allow traffic only from IS.
ALB 具有 WAF,其规则仅允许来自 IS 的流量。 EC2 has security group which allows only traffic from ALB's SG.
EC2 具有仅允许来自 ALB SG 的流量的安全组。
I want to create multiple replica of same application in AWS.我想在 AWS 中创建同一应用程序的多个副本。 I will create sperate EC2 and ALB.
我将创建单独的 EC2 和 ALB。 but can i use same WAF and attach it to second ALB or do i need to use separate WAF fur each replica?
但是我可以使用相同的 WAF 并将其附加到第二个 ALB 还是每个副本都需要使用单独的 WAF 毛皮? what is the best practice?
最佳做法是什么?
Thanks谢谢
use the same WAF across since its a replica and why another one?使用相同的 WAF,因为它是一个副本,为什么是另一个? unless you have a different set of rule
除非你有一套不同的规则
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.