I'm looking for insights on the security of path-based routing in the context of a 3-tier cloud-native application that utilizes ECS and CodePipeline for continuous integration and delivery. Is this routing method considered secure and is it commonly used in the industry?
1 Answer
Path-based routing is pretty standard in the industry. However, the real security concerns come from how well you secure your ingress and Application Load Balancer (ALB). It's crucial to implement measures like WAF, HTTPS, and IAM permissions to ensure safety. Misconfigured access, exposed APIs, and weak authentication can lead to vulnerabilities, so pay attention to those aspects.

Exactly! By setting up your ALB with strict 403 rules and enforcing HTTPS, you can better protect your application. Using WAFv2 with managed rules and rate limiting can help too. Remember to restrict traffic to the right security groups and use least-privilege roles for your services.
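The controls named in this thread (HTTPS enforcement, a 403 for unmatched paths, ingress limited to the ALB's security group) can be checked against exported configuration. This is an added example, not part of the original posts. It assumes dicts shaped like the ELBv2 DescribeListeners/DescribeRules and EC2 DescribeSecurityGroups responses, reads "strict 403 rules" as a fixed-response 403 default action, and uses constructed sample values and hypothetical function names throughout.

```python
# Added example. Dict shapes follow the ELBv2 DescribeListeners/DescribeRules and
# EC2 DescribeSecurityGroups responses; every value below is a constructed sample.

def final_action(actions):
    # The routing action (forward / redirect / fixed-response) has the highest Order.
    return max(actions, key=lambda a: a.get("Order", 1))

def audit_listener(listener, rules):
    findings = []
    default = final_action(listener["DefaultActions"])
    if listener["Protocol"] == "HTTP":
        if (default["Type"] != "redirect"
                or default.get("RedirectConfig", {}).get("Protocol") != "HTTPS"):
            findings.append("HTTP listener does not redirect to HTTPS")
        return findings
    # HTTPS listener: a path that matches no rule should get a fixed 403 (assumption).
    if (default["Type"] != "fixed-response"
            or default.get("FixedResponseConfig", {}).get("StatusCode") != "403"):
        findings.append("default action is not a fixed 403")
    for rule in rules:
        if rule.get("IsDefault"):
            continue
        for cond in rule["Conditions"]:
            if cond["Field"] != "path-pattern":
                continue
            for pattern in cond["PathPatternConfig"]["Values"]:
                if pattern in ("*", "/*"):
                    findings.append(f"rule {rule['Priority']}: catch-all path {pattern}")
    return findings

def audit_service_sg(sg, alb_sg_id):
    # Tasks behind the ALB should accept traffic only from the ALB's security group.
    findings = []
    for perm in sg["IpPermissions"]:
        for r in perm.get("IpRanges", []) + perm.get("Ipv6Ranges", []):
            findings.append(f"CIDR ingress {r.get('CidrIp') or r.get('CidrIpv6')}")
        for pair in perm.get("UserIdGroupPairs", []):
            if pair["GroupId"] != alb_sg_id:
                findings.append(f"ingress from other group {pair['GroupId']}")
    return findings

WEAK_LISTENER = {"Protocol": "HTTPS", "Port": 443,
                 "DefaultActions": [{"Type": "forward", "Order": 1}]}
STRICT_LISTENER = {"Protocol": "HTTPS", "Port": 443, "DefaultActions": [
    {"Type": "fixed-response", "Order": 1, "FixedResponseConfig": {"StatusCode": "403"}}]}
RULES = [{"Priority": "10", "Conditions": [
    {"Field": "path-pattern", "PathPatternConfig": {"Values": ["/api/*"]}}]}]
TASK_SG = {"IpPermissions": [{"IpRanges": [{"CidrIp": "0.0.0.0/0"}],
                              "UserIdGroupPairs": [{"GroupId": "sg-alb-example"}]}]}
```

An empty list from either function means the checked control is in place; WAF association and IAM role scope are not covered by this sketch.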