Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-4812

Security groups for Network Load Balancer


    • False
    • None
    • False
    • Not Selected

      In the month of August 2023, AWS introduced the feature to use a security group with NLB to configure fine-grained control over the traffic that flows to and from AWS resources such as Amazon Elastic Compute Cloud instances.

      Currently, in the OCP 4 cluster when we create any ingresscontroller or NLB type SVC an inbound rule gets created in the master and worker SG allowing traffic from NLB. I am sure the customers are interested and will be reaching out for this feature very soon.

      Even just yesterday, I was on a call with the customer where we workaround an issue related to Security Group for NLB I really felt if we have this feature then we can avoid issues related to SG ingress rule limit whenever customers create LB type SVC, concerns related to the wide open inbound rule allowing traffic from LB to instances where customer's can use their custom SG for NLB.


      --> https://aws.amazon.com/blogs/containers/network-load-balancers-now-support-security-groups/

      --> https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-security-groups.html

            ddharwar@redhat.com Deepthi Dharwar
            rhn-support-aygarg Ayush Garg
            1 Vote for this issue
            10 Start watching this issue