This change support using a custom CIDR range for ALB, so you can block public access while still being able to use most of the scenarios.
Use alb_sg_custom_cidr_blocks to override 0.0.0.0 with a list of IP range you want to allow
You can use the option alb_sg_allow_cloudfront to create security group from aws_ip_ranges
You can use alb_sg_allow_api_gateway to allow API gateway requests from the same region
You can use alb_sg_allow_api_gateway_region to pass additional API regions
You can use alb_additional_sg to pass additional security groups
Types of changes
What types of changes does your code introduce to ?
Put an x in the boxes that apply
[ ] Bugfix (non-breaking change which fixes an issue)
[x] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[ ] Documentation Update (if none of the other choices apply)
Checklist
Put an x in the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code.
[X] I have read the CONTRIBUTING.md doc.
[ ] I have added the necessary documentation (if appropriate).
[ ] Any dependent changes have been merged and published in downstream modules.
Further comments
If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc...
This change support using a custom CIDR range for ALB, so you can block public access while still being able to use most of the scenarios.
Types of changes
What types of changes does your code introduce to?
Put an
xin the boxes that applyChecklist
Put an
xin the boxes that apply. You can also fill these out after creating the PR. If you're unsure about any of them, don't hesitate to ask. We're here to help! This is simply a reminder of what we are going to look for before merging your code.Further comments
If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc...