DEV Community

Cover image for Securing your Load Balancer with CloudFront
Anuvindh for AWS Community Builders

Posted on • Updated on • Originally published at ictpro.co.nz

Securing your Load Balancer with CloudFront

DAY 24 - Securing your Load Balancer with CloudFront - Day Twenty Four

Image tweet

100 days of Cloud on GitHub - Read On iCTPro.co.nz - Read on Dev.to


Restrict your LoadBalancer's public access, let internet have access to your app only via CloudFont.

Prerequisite

  • Understanding of how LoadBalancer work.
  • Your app delivering content via CDN from LoadBalancer.
  • Application Load Balancer with at least one listener. Image LB

Tutorial

Updating Rules

As of now I believe you have at least configured Listeners for your Load Balancer.

lets update the rules for the listener

  • goto LoadBalaner from EC2 dashboard and select your LB.
  • Then Select listeners and Click View/edit rules

Image rule

  • Select edit Image edit

  • Delete the current forward to , and click add actionthen Return fixed response....

  • Response code = 403 , Content-Type = text/plain , Response body = Access Denied , Now click the tick mark and update.
    Image rule1

Custom header rule

In this stage we create a Custom header.

  • Goto + and click Insert Rule.
  • Add condition as Http header.
  • add X-Custom-Header as header Header name, give a random unique value RandomValue-1234567890.
  • Now foward this to your TargetGroup
  • Now Save it. Image rule2

Update the CloudFront -CDN

  • Goto CloudFront console and select your distribution.
  • Select Orgins and click edit.

  • Under Add custom header - optional

  • Update Header name =X-Custom-Header , Value=RandomValue-1234567890 and click Save
    Image CDN

🎉Congratulations🎉 you have successfully secured your load balancer.

Image Congratulations


✅Connect with me on Twitter
🤝🏽Connect with me on Linkedin
🧑🏼‍🤝‍🧑🏻 Read more post on dev.to or iCTPro.co.nz
💻 Connect with me on GitHub

Top comments (0)