DEVHIDE
Login Or Sign up

Whitelist EC2 instances in ASG to access AWS WAF

436 Views Asked by At

I have a CloudFront Distribution with WAF(Web Application Firewall) attached to it, to restrict public access. I also have a fleet of EC2 instances running under an ASG(autoScaling Group) and I wish to whitelist the EC2 instances to access the CloudFront distribution. Is it possible to create such a configuration in my infrastructure?

Please note that the IP addresses of the EC2 instances are not fixed. They are controlled by the ASG attached. Also, the ASG is created in a public subnet. Any help would be appreciated. Thanks

amazon-web-services amazon-ec2 web-application-firewall amazon-waf aws-auto-scaling
Original Q&A
1

There are 1 best solutions below

1
On

You would have to trigger some sort of script every time the ASG adds an instance, to add the instance's public IP to the WAF.

I would suggest moving the EC2 instances to private subnets with routes to NAT gateways, then you would only have to whitelist the Elastic-IPs of the NAT Gateway(s).

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-EC2

Related Questions in WEB-APPLICATION-FIREWALL

Related Questions in AMAZON-WAF

Related Questions in AWS-AUTO-SCALING

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.