Load balancer is exposed to the internet.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | elb |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
The load balancer is configured to be publicly accessible from the internet, which may unintentionally expose internal resources or services to external access. This misconfiguration increases the attack surface if the load balancer is not intended for public use.
Impact#
External attackers could directly access services behind the load balancer, potentially leading to data exposure, unauthorized actions, or further network compromise. This exposure increases the risk of exploitation and can undermine the security of internal systems.
Resolution#
Switch to an internal load balancer or add a tfsec ignore