2 Answers
- Newest
- Most votes
- Most comments
0
If you are using AWS CloudFront Distribution service, you can configure Allow-list in Geographic restriction section to allow for SA and Mexico. And whatever origin is fronted by CloudFront, you will configure it to only allow connections via CloudFront and no direct-access to Origin ( for example ALB).
answered 2 years ago
0
There are 3 ways to block traffic by Geo, these can be used for public facing endpoints such as Elastic Load Balancers:
- Using CloudFront Distributions: https://repost.aws/knowledge-center/cloudfront-geo-restriction
- Using AWS WAF: https://repost.aws/knowledge-center/waf-allow-block-country-geolocation
- Using Route53: Not blocking but redirect users outside of the approved Geos to a different endpoint with either an error or no reply.
If these solutions are not applicable can you provide extra details about your use case, like the services you want to restrict, which will help people answer.
Relevant content
- asked 2 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 5 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
We are not using AWS CloudFront Distribution service, any other option ?