Unsolved
2 Posts
0
2009
Secure namespace access
Can you control access to specific name spaces from the internet. We use F5 load Balancers for traffic management and understand the need to open 443 and map to ECS on 9021
I only want to allow external access to certain name spaces, is that possible?
darrell_vandive
2 Posts
0
September 25th, 2018 12:00
Your could create an irule on the F5 to reject HTTP requests to the prohibited namespaces.
Example
when HTTP_REQUEST {
if {[HTTP::uri] contains "namespace.URL"}
{
reject
}
}
Some F5 people prefer drop over reject. In my view, reject lets the requestor know the call has been explicitly blocked vs just dropping the request.
duhs_rc
2 Posts
0
October 2nd, 2018 13:00
so in order to use the name space in the URL we would turn on the baseURL function right? add a cname DNS record of
*.myco.org and do the same with a SSL cert? the goal is this.
application makes a call to namespace.myco.org/bucket/object would this work?
and if the rule doesn't match the Namespace, reject it
darrell_vandive
2 Posts
0
October 3rd, 2018 06:00
Yes that's it exactly.
It should also work with virtual host style addressing bucket.namespace.myco.org as well.