[AWS] Control ALB to only allow access from CloudFront
If we want ALB only accpet traffic from CloudFront, NOT from public www. Then we can add a customer head in CloudFront. In ALB, we set conditional rule to check custom header, if there is no customer header, reject the request.
CloudFront: set a custom header:
ALB: set listener rule:
If the customer header matches, then forward the request to Target group
If not match, then return 503 response
--
You are not able to put ALB into private subnet, it has to be in Public subnet because CloudFront cannot access private subnet.
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· 阿里最新开源QwQ-32B,效果媲美deepseek-r1满血版,部署成本又又又降低了!
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 开源Multi-agent AI智能体框架aevatar.ai,欢迎大家贡献代码
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· AI技术革命,工作效率10个最佳AI工具
2021-03-26 [Web] Monolith vs Microservices
2021-03-26 [Web] When Not to Use Microservices
2020-03-26 [HTML 5 Performance] Optimize Cross-browser Images with webp and the 'picture' Element
2020-03-26 [HTML 5 Performance] Benchmark functions runtime in chrome console
2020-03-26 [HTML 5 Performance] Measuring used JS heap size in chrome
2020-03-26 [Javascript] Private class properties in Javascript
2020-03-26 [Tools Vim] Open Files into Vim from the Terminal as buffers, splits, and tabs