We've released [gRPC support for ALB][1]. Does WAF integrate with that out of the box? Thanks! [1]: https://aws.amazon.com/about-aws/whats-new/2020/10/application-load-balancers-enable-grpc-workloads-end-to-end-http-2-support/

Does WAF support ALB with the new gRPC feature?

We've released gRPC support for ALB. Does WAF integrate with that out of the box?

Thanks!

Topics

Security, Identity, & Compliance Networking & Content Delivery

Tags

AWS WAF Elastic Load Balancing

Language

English

Nir_Sh

asked 3 years ago1406 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Accepted Answer

The gPRC setting is set on the target group on ALB, and it utilizes HTTP/2 for transport, so simply put - Yes.
You can certainly attach a WAF policy to your ALB, but as for the nature of the actual payload in gRPC I believe there is a risk of triggering false positives (when WAF will match a signature to some pattern in the request as it comes in).

Tzoori Tamam

answered 3 years ago

Relevant content

gRPC streaming through ALB using ECS
rePost-User-1382790
asked a year ago
gRPC Bidirectional Stream WAF ACL Support
robcurran
asked 7 months ago
ALB and gRPC keep alive pings to keep a gRPC stream open
triemann
asked 2 years ago
GRPC API through AWS ALB
Accepted Answer
rePost-User-1873115
asked 2 years ago
How do I migrate from AWS WAF classic to AWS WAF and what is the downtime during the migration?
AWS OFFICIALUpdated 2 years ago
How does AWS WAF handle body inspections for HTTP requests?
AWS OFFICIALUpdated 2 years ago
How can I protect my Amazon EC2 instance with AWS WAF?
AWS OFFICIALUpdated 2 years ago
What support is available for AWS Marketplace rule groups for AWS WAF?
AWS OFFICIALUpdated 2 years ago
AWS WAF & ALB One-Click Integration
EXPERT
Aanchal Agrawal
published 3 months ago
Amazon GameLift releases a new version of the server SDKs and game engine plugins
EXPERT
Sachin
published 2 months ago