Amazon S3 -> Http Listener on ALB(Level 7) Redirect to HTTPS
HTTPS Listener redirect to HTTP BackendNodes/Destination [SSL Offloading]
ALB(HTTPS Redirect) -> Node
AWS Route 53 -> Hosted Zone -> Domain URL -> Azure Application Gateway [Public IP]
Azure Application Gateway [Public IP] -> FrontEnd -> 2 Listener (HttpListener80, HttpsListener443)
APB HttpListener(80) Redirects to HTTPSListener(443)
ALB HTTPSListener does SSL Offloading and backend Rule then distributes load among the nodes at HTTP Level
SSL Offloading - eases load on Destination Nodes/Actual Server VMs so that they don't have to encrypt and decrypt
Another option is End to End SSL in which even Backend Nodes must have SSL Implanted in them at Server Level but tradeoff is that it introduces extra work at node level - encrypting/deciphering.
No comments:
Post a Comment