AWS elasticloadbalancing documentation change
Summary
Clarified IPv4 requirements for ALB authentication and updated IPAM pool support restrictions.
Security assessment
Changes address configuration requirements and documentation accuracy. The HTTP 500 error scenario describes a reliability impact rather than a security vulnerability. IPAM pool restrictions are operational clarifications.
Diff
diff --git a/elasticloadbalancing/latest/application/application-load-balancers.md b/elasticloadbalancing/latest/application/application-load-balancers.md index c76565dd9..24391ab08 100644 --- a//elasticloadbalancing/latest/application/application-load-balancers.md +++ b//elasticloadbalancing/latest/application/application-load-balancers.md @@ -318 +318 @@ Clients must connect to the load balancer using IPv6 addresses (for example, 200 - * Application Load Balancer authentication only supports IPv4 when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address the load balancer cannot complete the authentication process, resulting in HTTP 500 errors. + * Application Load Balancer authentication only supports IPv4 when connecting to an Identity Provider (IdP) or Amazon Cognito endpoint. Without a public IPv4 address, the load balancer can't complete the authentication process, resulting in HTTP 500 errors. @@ -333 +333 @@ To get started, create an IPAM IP address pool. For more information, see [Bring - * IPAM IP address pools are not supported with internal load balancers or the `dualstack-without-public-ipv4` IP address type. + * IPAM IPv6 address pools are not supported. @@ -335 +335 @@ To get started, create an IPAM IP address pool. For more information, see [Bring - * IPAM IP address pools are supported only for IPv4 addresses. With a `dualstack` load balancer, IPv6 addresses are assigned from the subnets where the load balancer is enabled. + * IPAM IPv4 address pools are not supported with internal load balancers or the `dualstack-without-public-ipv4` IP address type.