DEV Community

Cover image for Securing your Load Balancer with CloudFront
Anuvindh for AWS Community Builders

Posted on • Edited on • Originally published at ictpro.co.nz

6 4

Securing your Load Balancer with CloudFront

DAY 24 - Securing your Load Balancer with CloudFront - Day Twenty Four

Image tweet

100 days of Cloud on GitHub - Read On iCTPro.co.nz - Read on Dev.to


Restrict your LoadBalancer's public access, let internet have access to your app only via CloudFont.

Prerequisite

  • Understanding of how LoadBalancer work.
  • Your app delivering content via CDN from LoadBalancer.
  • Application Load Balancer with at least one listener. Image LB

Tutorial

Updating Rules

As of now I believe you have at least configured Listeners for your Load Balancer.

lets update the rules for the listener

  • goto LoadBalaner from EC2 dashboard and select your LB.
  • Then Select listeners and Click View/edit rules

Image rule

  • Select edit Image edit

  • Delete the current forward to , and click add actionthen Return fixed response....

  • Response code = 403 , Content-Type = text/plain , Response body = Access Denied , Now click the tick mark and update.
    Image rule1

Custom header rule

In this stage we create a Custom header.

  • Goto + and click Insert Rule.
  • Add condition as Http header.
  • add X-Custom-Header as header Header name, give a random unique value RandomValue-1234567890.
  • Now foward this to your TargetGroup
  • Now Save it. Image rule2

Update the CloudFront -CDN

  • Goto CloudFront console and select your distribution.
  • Select Orgins and click edit.

  • Under Add custom header - optional

  • Update Header name =X-Custom-Header , Value=RandomValue-1234567890 and click Save
    Image CDN

🎉Congratulations🎉 you have successfully secured your load balancer.

Image Congratulations


✅Connect with me on Twitter
🤝🏽Connect with me on Linkedin
🧑🏼‍🤝‍🧑🏻 Read more post on dev.to or iCTPro.co.nz
💻 Connect with me on GitHub

Image of Datadog

The Essential Toolkit for Front-end Developers

Take a user-centric approach to front-end monitoring that evolves alongside increasingly complex frameworks and single-page applications.

Get The Kit

Top comments (0)

Best Practices for Running  Container WordPress on AWS (ECS, EFS, RDS, ELB) using CDK cover image

Best Practices for Running Container WordPress on AWS (ECS, EFS, RDS, ELB) using CDK

This post discusses the process of migrating a growing WordPress eShop business to AWS using AWS CDK for an easily scalable, high availability architecture. The detailed structure encompasses several pillars: Compute, Storage, Database, Cache, CDN, DNS, Security, and Backup.

Read full post