AWS re:Postを使用することにより、以下に同意したことになります AWS re:Post 利用規約
AWS re:Postre:Post

TLS Termination with an ELB

0

Hi,

I'm using an ELB that listens to https traffic on port 443 using TLS with an ACM certificate, decrypts traffic and then forwards it over http port 80 to the target EC2 instances. The ELB and target instances are in the same VPC. Is this secure or should I be forwarding traffic from the ELB to the target servers using HTTPS?

Thanks,
David

トピック
ネットワークとコンテンツ配信
タグ
Amazon VPC
言語
English
davemeyer
質問済み 5年前393ビュー
2回答
0

Hi,
In my opinion, if your EC2 instances are in a private subnet and the security groups are set in place, you are secure. At some point in the flow of traffic from the client to the final destination on the EC2 instance, your traffic will be decrypted, so its a matter of personal choice as to whether or not you feel that a private subnet within a VPC is considered "secure" enough. Note: if you are in a heavy regulated industry, such as banking, then you will be required to add encryption on the backend. You can find many links online debating this topic. Here is one from security.stackexchange.com.
https://security.stackexchange.com/questions/30403/should-ssl-be-terminated-at-a-load-balancer
Hope this helps a bit,
-randy

RandyTakeshita
回答済み 5年前
0

Thanks Randy, that is helpful.

davemeyer
回答済み 5年前

ログインしていません。 ログイン 回答を投稿する。

優れた回答とは、質問に明確に答え、建設的なフィードバックを提供し、質問者の専門分野におけるスキルの向上を促すものです。

質問に答えるためのガイドライン

関連するコンテンツ