Restricting incoming NLB traffic to internal IP addresses
0
Customer has a use case which involves handling TCP traffic (not http or https) in their internal VPC.
Is there a way to restrict source IPs? For an NLB there are no security groups.
已提問 4 年前檢視次數 2120 次
1 個回答
- 最新
- 最多得票
- 最多評論
0
If the clients are in the same VPC you could simply use an internal NLB, which will only have private IP addresses, and not be available to clients outside the VPC's private connectivity.
When you use an instance type target group on your NLB, the security group rules s of the targets are applied if they refer to the client's source IP or source network CIDR.
相關內容
AWS 官方已更新 2 年前