How to resolve the Sprinto check to restrict public access on an AWS Application Load Balancer

About:

Sprinto Check: AWS application load balancer should be protected from direct internet traffic

This Sprinto check verifies that your AWS Application Load Balancer (ALB) is properly configured to prevent direct access from the internet, ensuring that only authorized traffic can reach your applications and services.

Purpose:

The purpose of this check is to enhance the security posture of your AWS environment by limiting the attack surface and potential entry points for unauthorized access. By restricting direct internet access to your Application Load Balancer, you can mitigate the risk of distributed denial-of-service (DDoS) attacks, unauthorized traffic, and potential exploitation of vulnerabilities.

How to fix

Follow the steps below to fix this check.

Before you begin

  • Ensure you have admin access on the AWS account to modify the load balancer configurations.

Restrict public access to Application Load Balancer (ALB)

  1. Log in to the AWS Console using your credentials or the Single Sign-On (SSO) option.

  2. Navigate to the AWS EC2 service.

  3. Click on Load balancer from the navigation bar on the left side.

  4. From the list, select the ALB whose public access you want to review.

  5. Click on the Security tab to review the ALB's assigned security group. Ensure the security group allows inbound traffic from trusted sources, such as your corporate network or VPN, and denies direct access from the Internet.

  6. Repeat the above steps for all ALBs created in the AWS EC2 service.
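The review in steps 4 to 6 can also be run across every ALB at once. The following is an added example, not Sprinto's own check logic or code from this page: it assumes "direct access from the Internet" means an inbound rule whose source is 0.0.0.0/0 or ::/0, and it reads data shaped like the output of `aws elbv2 describe-load-balancers` and `aws ec2 describe-security-groups`. The function names and sample values are constructed for illustration.

```python
import ipaddress

# Constructed sample data, shaped like the JSON returned by
# `aws elbv2 describe-load-balancers` and `aws ec2 describe-security-groups`.
SAMPLE_LBS = {"LoadBalancers": [
    {"LoadBalancerName": "public-alb", "Type": "application",
     "SecurityGroups": ["sg-open"]},
    {"LoadBalancerName": "vpn-only-alb", "Type": "application",
     "SecurityGroups": ["sg-vpn"]},
    {"LoadBalancerName": "edge-nlb", "Type": "network",
     "SecurityGroups": ["sg-open"]},
]}
SAMPLE_SGS = {"SecurityGroups": [
    {"GroupId": "sg-open", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-vpn", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []}]},
]}

def open_cidrs(rule):
    """Return the CIDRs in one inbound rule that match every address (prefix length 0)."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in cidrs if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def find_exposed_albs(lbs, sgs):
    """List (alb_name, group_id, protocol, port_range, cidr) for world-open inbound rules."""
    groups = {g["GroupId"]: g for g in sgs["SecurityGroups"]}
    findings = []
    for lb in lbs["LoadBalancers"]:
        if lb.get("Type") != "application":
            continue  # the check on this page covers ALBs only
        for gid in lb.get("SecurityGroups", []):
            for rule in groups.get(gid, {}).get("IpPermissions", []):
                # IpProtocol "-1" means all protocols; such rules carry no port fields
                ports = f'{rule.get("FromPort", "all")}-{rule.get("ToPort", "all")}'
                for cidr in open_cidrs(rule):
                    findings.append((lb["LoadBalancerName"], gid,
                                     rule["IpProtocol"], ports, cidr))
    return findings

if __name__ == "__main__":
    for finding in find_exposed_albs(SAMPLE_LBS, SAMPLE_SGS):
        print("world-open inbound rule:", *finding)
```

To run it against a real account, save the two CLI outputs as JSON, load them with `json.load`, and pass them in place of the sample dictionaries.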

Sprinto detects the configuration change and sets the check status to “Passing.”

Contact Sprinto support if you have any queries related to the check or need assistance.
