Amazon Web Services supports three types of Load Balancers. An Application Load Balancer (ALB) functions at the application layer, the seventh layer of the Open Systems Interconnection (OSI) model.
Questions tagged [amazon-alb]
95 questions
0
votes
1 answer
Do AWS WAF logs capture all traffic, or just rule matches?
I want to implement some AWS WAF rules but I need more knowledge of the quantity (origin, resource, etc) of requests that come through my loadbalancer.
Can I skip ALB logs and get logs for requests to ALB using WAF? Or, does WAF only produce logs…
JoeS
- 11
- 2
0
votes
0 answers
WAF-protected ALB scaling costs in DDoS scenario
I have an ALB behind Cloudfront. Both of which have SSL certificates and therefore provide SSL offloading, both protected with WAF WebACLs. The ALB's ACL checks a header - a common practice protecting ALB from direct access (bypassing CF).
-SSL--> …
almondandapricot
- 1
- 1
0
votes
1 answer
Configure an EC2 instance as firewall of an Application Load Balancer
My current infrastructure is basically an DNS (Route 53) -> WAF -> ALB. The WAF is in front of the load balancer with some AWS managed filters. My application is a PHP web page and an API.
Now I'm trying to improve the security and have been trying…
Keoma Borges
- 131
- 1
- 5
0
votes
1 answer
How to set a public LB route to a proxy on AWS?
I built this traffic route in a VPC.
Route53->ACM(SSL)->Public ALB->EC2(Nginx proxy)->Private ALB->ECS(Internal App)
The EC2's security group is allowing tcp 80 and 443. The ECS' security group is allowing 80 from EC2's security group.
When I…
uotn
- 17
- 3
0
votes
1 answer
Secure websocket connection to server running on EC2 fails
I have a node.js websocket server running on an EC2 instance on port 8080. Normal websocket connections (ws://) work fine but when I'm trying to make a secure connection (wss://), the websocket connection fails.
I realise that wss requests are sent…
Debabrata Mondal
- 1
- 2
0
votes
0 answers
Nginx proxy pass alternative in AWS
In my Nginx config I am setting up a reverse proxy rule to s3 bucket like below
location ~ /feeds/(.*\.rss$){
...
proxy_pass https://xxx.s3.amazonaws/feed/$1;
...
}
Is there a way that I can remove this proxy task from nginx. And use AWS managed…
0
votes
0 answers
Throwing 404 errors AWS
What might be the possible reason why the 502s were being returned here?
The 403s also look like WAF is firing them. Could anyone please suggest a way to allow those resources to be safely given to clients?
Below is a list of the errors:
Non 200…
samtech
- 1
- 2
0
votes
0 answers
Application Load Balancers Requests Hanging
In my aws env requests are hanging at the ALB for some reason. I haven't been able to identify a cause yet aside from Cache hanging requests there and possibly the session write being left open causing it to wait. what might be the possible reason…
Santosh Baruah
- 21
- 4
0
votes
1 answer
Cloudfront 502 error with ALB origin in different region
I have a CloudFront which has one of its origins as an application load balancer, this load balancer is available in a different region from the CloudFront which is only available in N.Virginia and is using a different SSL certificate, as its domain…
Odasaku
- 1
0
votes
1 answer
AWS ALB Shows Target Group unhealthy, even though port 80 is open to Internet
I've built an AWS ALB & Target group via Terraform and everything looks correct but the Target Group is reporting unhealthy for HTTP, HTTPS, and TCP. The instance is a t3.nano in us-east-2 and has Nginx installed and running.
I've verified the…
John Heyer
- 181
- 2
- 8
0
votes
1 answer
AWS EKS Ingress Timeout On Any Non-Root Path
We have configured an Ingress resource on our EKS cluster with rewrites from /.* on the load balancer to the matching URI upstream. If we visit staging.my-domain.com/, we see a successful health-check response as expected. However, any other url,…
DragonBobZ
- 151
- 1
- 2
0
votes
1 answer
AWS CodeDeploy with two listeners
I have an application load balancer with two listeners ( 80 and 443 ) and I want use CodeDeploy to deploy my fargate container.
I cannot redirect http traffic to https...
With CodeDeploy I can set up only one listeners in the prod_traffic_route,…
SaroVin
- 130
- 3
0
votes
1 answer
Unable to setup Apache NiFi behind AWS ALB
I am having an issue setting up Apache NiFi behind AWS ALB. I can currently access the UI when hitting the server's public IP address directly but have been unsuccessful getting it working behind the ALB. It does work behind the ALB when HTTPS is…
BeersNGears
- 1
- 2
0
votes
0 answers
SPA from S3 and Java backend in the same domain. ALB fixed response limit
I would like to have S3 bucked stored Single Page Application and its backend in the same domain. Now I am using ALB Listeners configuration to serve a fixed response for my index.html (by path). The default rule poits to a Target Group hosting my…
Marek Raki
- 187
- 9
0
votes
1 answer
What could explain downtime when ALB connection count is high but request rates are low?
I have a backend service on EC2s, and requests to the EC2s are routed through an ALB.
My backend service had a brief downtime during which it's response latency shot up. This led to a massive build up of connection count at the ALB.
However, when…
Shubham Kanodia
- 103
- 2