Load Balancing

EKS

Mis-configured Load balancers can expose the service to the wider internet.

For full information on configuring a load balancer read the offcial k8s documentation.

Prevent Exposure to 0.0.0.0/0

AWS load balancers are automatically exposed to the wider internet. To prevent this configure the load balancer with the following annotation providing your private subnet range:

service.beta.kubernetes.io/load-balancer-source-ranges: 10.0.0.0/16

Also, if you have any explicit annotation to 0.0.0.0/0 please remove it.

Further documentation can be found in the official docs

← Best Practices
Helm →