[Task]: Secure access control for load balance URL

HHS / simpler-grants-gov

https://simpler.grants.gov

Other

46 stars 13 forks source link

[Task]: Secure access control for load balance URL #1005

Open sumiat opened 10 months ago

sumiat commented 10 months ago

Summary

The current configuration of the load balancer URL presents a security risk as it is accessible without restrictions. To enhance security, we need to implement access controls to either block public access entirely or limit access to users connected via VPN.

Acceptance criteria

[ ] The load balancer URL is either entirely blocked from public access or limited to VPN users only.
[ ] Testing validates the effectiveness of the implemented access controls.

jldroid19 commented 10 months ago

The security scans against that endpoint don't show any critical or high vulnerabilities. However, this is an http endpoint and the security controls say we need to block all insecure ports going into the environment.

coilysiren commented 10 months ago

However, this is an http endpoint and the security controls say we need to block all insecure ports going into the environment.

We have a separate ticket for that! https://github.com/HHS/simpler-grants-gov/issues/961