
ELBv2 load balancer is not internet facing

Classification:

compliance


Description

Secure your Application Load Balancers (ALB) or Network Load Balancers (NLB) by creating them as internal ELBv2 load balancers rather than internet-facing ones.

Rationale

Internet-facing load balancers receive a public DNS name. Secure your connection by using an internal ELBv2 load balancer instead.

Remediation

Console

Follow the Create an application load balancer docs to learn how to create an internal load balancer that routes requests to targets using private IP addresses.

CLI

Run create-load-balancer with a load balancer name, the internal scheme, and the subnets to attach.

create-load-balancer.sh

aws elbv2 create-load-balancer \
    --name my-internal-load-balancer \
    --scheme internal \
    --subnets subnet-b7d581c0 subnet-8360a9e7

See the create-load-balancer AWS CLI docs to create a Network Load Balancer or Gateway Load Balancer.
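
To find which existing load balancers fail this rule, the same check can be run over the output of `aws elbv2 describe-load-balancers`. The Python below is an added example, not part of the original rule or the vendor's detection logic; the response pages, names, and the `internet_facing` helper are constructed for illustration, and the gateway entry is assumed to carry no `Scheme` key.

```python
# Added example: flag ELBv2 load balancers whose Scheme is "internet-facing".
# Input mirrors pages of `aws elbv2 describe-load-balancers` JSON output.
import json

# Constructed sample pages (two pages, as when NextMarker pagination is used).
SAMPLE_PAGES = [
    {
        "LoadBalancers": [
            {"LoadBalancerName": "public-web", "Type": "application",
             "Scheme": "internet-facing",
             "DNSName": "public-web-0000000000.region.elb.example"},
            {"LoadBalancerName": "my-internal-load-balancer", "Type": "application",
             "Scheme": "internal",
             "DNSName": "internal-my-internal-load-balancer-0000000000.region.elb.example"},
        ],
        "NextMarker": "constructed-marker",
    },
    {
        "LoadBalancers": [
            {"LoadBalancerName": "public-nlb", "Type": "network",
             "Scheme": "internet-facing",
             "DNSName": "public-nlb-0000000000.elb.region.example"},
            # Assumption: this entry has no Scheme key at all.
            {"LoadBalancerName": "inspection-gwlb", "Type": "gateway"},
        ],
    },
]


def internet_facing(pages):
    """Return one finding per load balancer that violates the rule."""
    findings = []
    for page in pages:
        for lb in page.get("LoadBalancers", []):
            # .get() keeps entries without a Scheme from raising KeyError;
            # only an explicit "internet-facing" value is reported.
            if lb.get("Scheme") == "internet-facing":
                findings.append({
                    "name": lb.get("LoadBalancerName"),
                    "type": lb.get("Type"),
                    "dns_name": lb.get("DNSName"),
                })
    return findings


if __name__ == "__main__":
    print(json.dumps(internet_facing(SAMPLE_PAGES), indent=2))
```
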