By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Limit access to MWAA Public Environment UI

0

I set up a public mwaa environment but i want to limit UI access to only specific IP range I tried to remove everything from the inbound security group that mwaa public environment is using but it is still accessible from the public internet, removing it also caused scheduler to crash but i added 5432 port and it is fixed, that is the only inbound rule that the environment has I am probably missing sth but not sure what Is it possible to limit access to UI ? Thanks

Topics
Networking & Content DeliveryApplication IntegrationAWS Well-Architected Framework
Tags
Amazon VPCNetworking & Content DeliveryAmazon Managed Workflows for Apache Airflow (MWAA)SecuritySecurity Group
Language
English
rePost-User-3422586
asked a year ago277 views
1 Answer
1

You may limit MWAA UI access using IAM's SourceIp condition: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition_operators.html#Conditions_IPAddress

AWS
John_J
answered a year ago
  • john
    a year ago

    I got an error though

    Private IP Address: aws:SourceIp works only for public IP address ranges. The values for condition key aws:SourceIp include only private IP addresses and will not have the desired effect. Update the value to include only public IP addresses

    For my private environment there is a route table addressing

    Destination lets say 10.1.0.0/16 Target tgw-....

    I want to limit my public UI access to only that private ip range

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content