2 Respuestas
- Más nuevo
- Más votos
- Más comentarios
0
Hi cloudarch,
You could look for these options:
- Enable WAF on CloudFront. At least it will prevent certain malicious XSS script attack. You can leverage default manage rules, block countries and more: https://www.wellarchitectedlabs.com/security/200_labs/200_cloudfront_with_waf_protection/
- A quick temporary win can be to leverage CloudFront functions and or Lambda@Edge to perform some lightweight authentication such as Basic Auth, where you share “beta” credentials to your users and check those. This is an example: https://gist.github.com/lmakarov/e5984ec16a76548ff2b278c06027f1a4.
hope above helps you
0
If you had to restrict based on IP address (not something I'd normally recommend; but in this case it's probably suitable):
Normally Workspaces instance access the internet via a NAT Gateway in the VPC that the instances are running. That NAT Gateway has a static IP address so it would be reasonably easy to work with that.
Contenido relevante
- OFICIAL DE AWSActualizada hace 3 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 5 meses