Step 7: Enable Additional Load Balancer Options (Optional)

Add a security layer and enable other Load Balancer options

This step is optional and unneeded for the example application in this tutorial; however, production cloud apps require an elevated level of protection.

To set up a Web Application Firewall (WAF) for a production application, follow the steps in the .

In this tutorial step, for the Application Load Balancer (ALB) you created in , you will:

Enable access logging to monitor details and record incoming traffic data. Access logs are crucial for analyzing traffic patterns and identifying potential threats, but they are not enabled by default. You must manually activate them in the Load Balancer settings.
Protect against requests that contain .

Estimated time to complete Step 7: 5 minutes.

Prerequisites

Before securing a Load Balancer, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

An exist, both named NONPROD.
The NONPROD infrastructure has EKS.
A Tenant named .
A Host named .
A Service named .
An has been created.

Securing the Load Balancer

In the Tenant list box, select the dev01 Tenant.
In the DuploCloud Portal, navigate to Kubernetes -> Services.
From the NAME column, select the Service (demo-service).
Select the Load Balancers tab.
In the Other Settings card, click Edit. The Other Load Balancer Settings pane displays.
Select the Enable Access Logs and Drop Invalid Headers options.
Accept the remaining default settings and click Save. The settings are updated.

Checking Your Work

In the Tenant list box, select the dev01 Tenant.
In the DuploCloud Portal, navigate to Kubernetes -> Services.
From the NAME column, select the Service (demo-service).
Select the Load Balancers tab.
Verify that the Other Settings card contains the selections you made above for:

Web ACL - None
HTTP to HTTPS Redirect - False
Enable Access Logs - True
Drop Invalid Headers - True

Enabling access logs enhances the security and monitoring capabilities of your Load Balancer and provides insights into the traffic accessing your application, for a more robust security posture.

PreviousStep 6: Create a Load Balancer NextStep 8: Create a Custom DNS Name (Optional)

Last updated 1 month ago

Was this helpful?

Securing the Load Balancer

In the Tenant list box, select the dev01 Tenant.

In the DuploCloud Portal, navigate to Kubernetes -> Services.

From the NAME column, select the Service (demo-service).

Select the Load Balancers tab.

In the Other Settings card, click Edit. The Other Load Balancer Settings pane displays.

Select the Enable Access Logs and Drop Invalid Headers options.

Accept the remaining default settings and click Save. The settings are updated.

Checking Your Work

In the Tenant list box, select the dev01 Tenant.

In the DuploCloud Portal, navigate to Kubernetes -> Services.

From the NAME column, select the Service (demo-service).

Select the Load Balancers tab.

Verify that the Other Settings card contains the selections you made above for:

Web ACL - None

HTTP to HTTPS Redirect - False

Enable Access Logs - True

Drop Invalid Headers - True

Enabling access logs enhances the security and monitoring capabilities of your Load Balancer and provides insights into the traffic accessing your application, for a more robust security posture.