Yes, this is the expected behavior. Or at least this is how most AWS resources handle resolving their name.
It seems like a security risk because a hacker seems to be able to find out information about the internal workings of your infrastructure, but that is not necessarily the case.
You have to realize that the returned IP address is from private address ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). These IP address ranges will not resolve to anything when used on the internet. Pinging or tunneling to them does not work.
So the only thing exposed is something of your internal infrastructure. But you have to realize that an abuser has to know the name of the resource before he can find out the internal IP address. So the only thing you have to do is keep the name a secret as you would do with other sensitive information.
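To see which names in a publicly resolvable zone hand out addresses from the three private ranges named in the answer above, an exported record list can be audited offline. This is an added example, not part of the answer or of any AWS tooling; the zone text, host names and addresses are constructed, and the five-column record layout is an assumption.

```python
import ipaddress

# The three private ranges named in the answer (RFC 1918).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: records as exported from a public hosted zone.
# Names and addresses are made up for illustration.
SAMPLE_ZONE = """\
; name                       ttl  class type value
www.example.com.             300  IN    A    203.0.113.10
db.internal.example.com.     60   IN    A    10.0.12.34
cache.example.com.           60   IN    A    172.31.5.9
edge.example.com.            60   IN    A    172.32.0.1
printer.example.com.         300  IN    A    192.168.1.20
api.example.com.             300  IN    CNAME www.example.com.
broken.example.com.          300  IN    A    not-an-ip
"""

def private_block(addr):
    """Return the RFC 1918 network containing addr, or None."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on bad input
    for net in RFC1918:
        if ip.version == 4 and ip in net:
            return net
    return None

def find_private_records(zone_text):
    """Return (name, address, block) for every A record in a private range."""
    findings = []
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop zone-file comments
        fields = line.split()
        if len(fields) != 5 or fields[3].upper() != "A":
            continue                            # only A records carry IPv4
        name, value = fields[0], fields[4]
        try:
            block = private_block(value)
        except ValueError:
            continue                            # malformed address, skip it
        if block is not None:
            findings.append((name, value, str(block)))
    return findings

if __name__ == "__main__":
    for name, addr, block in find_private_records(SAMPLE_ZONE):
        print(f"{name} -> {addr} (inside {block})")
```

The explicit network list is used instead of `ipaddress`'s `is_private` attribute because that attribute also covers loopback, link-local and documentation ranges, which are not the ranges the answer refers to.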