By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

looking to have traffic originating from any country other than the SA and Mexico blocked

0

What is the best way to filter traffic by country, just want to have traffic from 2 countries traversing our AWS and block all other countries

Topics
Security, Identity, & Compliance
Tags
Security, Identity, & Compliance
Language
English
rePost-User-1214808
asked a year ago470 views
2 Answers
0

If you are using AWS CloudFront Distribution service, you can configure Allow-list in Geographic restriction section to allow for SA and Mexico. And whatever origin is fronted by CloudFront, you will configure it to only allow connections via CloudFront and no direct-access to Origin ( for example ALB).

rePost-User-bhavincs
answered a year ago
  • rePost-User-1214808
    a year ago

    We are not using AWS CloudFront Distribution service, any other option ?

0

There are 3 ways to block traffic by Geo, these can be used for public facing endpoints such as Elastic Load Balancers:

  1. Using CloudFront Distributions: https://repost.aws/knowledge-center/cloudfront-geo-restriction
  2. Using AWS WAF: https://repost.aws/knowledge-center/waf-allow-block-country-geolocation
  3. Using Route53: Not blocking but redirect users outside of the approved Geos to a different endpoint with either an error or no reply.

If these solutions are not applicable can you provide extra details about your use case, like the services you want to restrict, which will help people answer.

AWS
Rob
answered a year ago
profile pictureAWS
EXPERT
Tushar_J
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content