Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

ALB mTLS only on selected endpoints

0

Is it currently possible to enable mTLS on Aplication Load Balancer only for selected endpoints and not everything under used domain?

New ALB mTLS feature: https://aws.amazon.com/blogs/aws/mutual-authentication-for-application-load-balancer-to-reliably-verify-certificate-based-client-identities/

Tags
Application Load Balancer
Language
English
asked 2 years ago1.1K views
1 Answer
0

Enabling mTLS selectively for specific endpoints would rely on configuring listener rules that direct traffic based on the request path or host header to different target groups. While the ALB's mTLS feature is designed to authenticate client certificates at the listener level, the specificity of applying mTLS to certain endpoints may need to be managed through application logic or additional proxy layers within your architecture that can inspect and enforce authentication at a more granular level.

For ref: https://docs.aws.amazon.com/prescriptive-guidance/latest/patterns/configure-mutual-tls-authentication-for-applications-running-on-amazon-eks.html

If this has answered your question or was helpful, accepting the answer would be greatly appreciated. Thank you!

EXPERT
answered 2 years ago
EXPERT
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content