2回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi cloudarch,
You could look for these options:
- Enable WAF on CloudFront. At least it will prevent certain malicious XSS script attack. You can leverage default manage rules, block countries and more: https://www.wellarchitectedlabs.com/security/200_labs/200_cloudfront_with_waf_protection/
- A quick temporary win can be to leverage CloudFront functions and or Lambda@Edge to perform some lightweight authentication such as Basic Auth, where you share “beta” credentials to your users and check those. This is an example: https://gist.github.com/lmakarov/e5984ec16a76548ff2b278c06027f1a4.
hope above helps you
0
If you had to restrict based on IP address (not something I'd normally recommend; but in this case it's probably suitable):
Normally Workspaces instance access the internet via a NAT Gateway in the VPC that the instances are running. That NAT Gateway has a static IP address so it would be reasonably easy to work with that.
関連するコンテンツ
- 質問済み 5年前
- AWS公式更新しました 10ヶ月前