
AWS NLB to ALB IP Whitelisting

I've implemented this solution provided by AWS: Using static IP addresses for Application Load Balancers but I came across a problem.

I need to whitelist some static IPs, and since this solution requires the targets to communicate to IPs instead of instances, the IP Preservation is not done on the NLB as mentioned here: Target Groups for Your Network Load Balancers.

So, I can't really do a whitelist either on the Security Groups or on the NACLs.

Does anyone have a solution to this problem while maintaining this architecture?

Have you checked out the section "The steps the Lambda function takes" in the article that you have mentioned here, Using static IP addresses for Application Load Balancers?

You can get the IPs to whitelist from the AWS S3 bucket as well as the AWS CloudWatch stream. You can even automate the process of updating the Security Group inbound and outbound rules, either by updating the same AWS Lambda function or by creating your own and using AWS SDK API calls like authorize_security_group_ingress() and revoke_security_group_ingress() via a Lambda function triggered on Object upload (new IP list) on S3.
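
The automation this answer describes, as an added example (not code from the answer or from the AWS blog post): a Lambda handler that reconciles a security group's ingress rules with an IP list uploaded to S3. Assumptions: the object holds one IPv4 address or CIDR per line, the restricted port is 443, and the group ID comes from a hypothetical `SECURITY_GROUP_ID` environment variable.

```python
import ipaddress
import os
from urllib.parse import unquote_plus

PORT = 443  # assumption: the listener port being restricted

def parse_cidrs(text):
    """Validate the uploaded list (one IP or CIDR per line; '#' starts a comment)."""
    cidrs = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        net = ipaddress.ip_network(line, strict=False)  # ValueError on malformed input
        if net.version != 4 or net.prefixlen == 0:
            raise ValueError(f"refusing entry (IPv4 only, no 0.0.0.0/0): {line}")
        cidrs.add(str(net))
    if not cidrs:
        raise ValueError("empty IP list; leaving the security group untouched")
    return cidrs

def current_cidrs(ec2, group_id):
    """CIDRs currently allowed on PORT/tcp in the security group."""
    group = ec2.describe_security_groups(GroupIds=[group_id])["SecurityGroups"][0]
    return {r["CidrIp"] for p in group["IpPermissions"]
            if p.get("IpProtocol") == "tcp"
            and p.get("FromPort") == PORT and p.get("ToPort") == PORT
            for r in p.get("IpRanges", [])}

def _perm(cidrs):
    return [{"IpProtocol": "tcp", "FromPort": PORT, "ToPort": PORT,
             "IpRanges": [{"CidrIp": c} for c in sorted(cidrs)]}]

def reconcile(ec2, group_id, wanted):
    """Authorize missing rules first, then revoke stale ones, so no allowed IP is cut off mid-update."""
    have = current_cidrs(ec2, group_id)
    add, drop = wanted - have, have - wanted
    if add:
        ec2.authorize_security_group_ingress(GroupId=group_id, IpPermissions=_perm(add))
    if drop:
        ec2.revoke_security_group_ingress(GroupId=group_id, IpPermissions=_perm(drop))
    return sorted(add), sorted(drop)

def handler(event, context):
    import boto3  # imported lazily so the helpers above can be tested without AWS access
    rec = event["Records"][0]["s3"]
    key = unquote_plus(rec["object"]["key"])  # S3 event keys are URL-encoded
    body = boto3.client("s3").get_object(Bucket=rec["bucket"]["name"], Key=key)["Body"].read()
    return reconcile(boto3.client("ec2"), os.environ["SECURITY_GROUP_ID"], parse_cidrs(body.decode()))
```

The function's role needs `s3:GetObject` on the list object plus `ec2:DescribeSecurityGroups`, `ec2:AuthorizeSecurityGroupIngress` and `ec2:RevokeSecurityGroupIngress`, and write access to that bucket should be limited to whoever is allowed to change the firewall.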
