Step 7: Enable Additional Load Balancer Options (Optional)

In this tutorial step, for the Application Load Balancer (ALB) you created in Step 6, you will:

• Enable access logging to monitor HTTP message details and record incoming traffic data. Access logs are crucial for analyzing traffic patterns and identifying potential threats, but they are not enabled by default. You must manually activate them in the Load Balancer settings.

• Protect against requests that contain invalid headers.

Estimated time to complete Step 7: 5 minutes.

Prerequisites

Before securing a Load Balancer, verify that you accomplished the tasks in the previous tutorial steps. Using the DuploCloud Portal, confirm that:

• An Infrastructure and Plan exist, both named NONPROD.

• The NONPROD infrastructure has EKS Enabled.

• A Tenant named dev01 has been created.

• A Host named host01 has been created.

• A Service named demo-service has been created.

• An Load Balancer has been created.

Securing the Load Balancer

1. In the Tenant list box, select the dev01 Tenant.

2. In the DuploCloud Portal, navigate to Kubernetes -> Services.

3. From the NAME column, select the Service (demo-service).

4. Click the Load Balancers tab.

5. In the Other Settings card, click Edit. The Other Load Balancer Settings pane displays.

5. In the Web ACL list box, select None, because you are not connecting a Web Application Firewall.

6. Select the Enable Access Logs and Drop Invalid Headers options.
7. Accept the Idle Timeout default setting and click Save. The Other Settings card in the Load Balancers tab is updated with your selections.

Checking Your Work

Verify that the Other Settings card contains the selections you made above for:

• Web ACL - None

• HTTP to HTTPS Redirect - False

• Enable Access Logs - True

• Drop Invalid Headers - True

Enabling access logs enhances the security and monitoring capabilities of your Load Balancer and provides insights into the traffic accessing your application, for a more robust security posture.