2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
Hi cloudarch,
You could look for these options:
- Enable WAF on CloudFront. At least it will prevent certain malicious XSS script attack. You can leverage default manage rules, block countries and more: https://www.wellarchitectedlabs.com/security/200_labs/200_cloudfront_with_waf_protection/
- A quick temporary win can be to leverage CloudFront functions and or Lambda@Edge to perform some lightweight authentication such as Basic Auth, where you share “beta” credentials to your users and check those. This is an example: https://gist.github.com/lmakarov/e5984ec16a76548ff2b278c06027f1a4.
hope above helps you
0
If you had to restrict based on IP address (not something I'd normally recommend; but in this case it's probably suitable):
Normally Workspaces instance access the internet via a NAT Gateway in the VPC that the instances are running. That NAT Gateway has a static IP address so it would be reasonably easy to work with that.
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata 8 mesi fa
- AWS UFFICIALEAggiornata 3 anni fa