VPC Prefix Lists with Cfhighlander

Last year AWS announced VPC Prefix Lists, which make it easier to create consistent security postures and routing behaviors. A prefix list is a collection of CIDR blocks that can be used to configure VPC security group rules for ingress or egress traffic. This means we can maintain a single list of IPs for whitelisting in security group rules and share it across environments, which makes managing these IPs easier.

We have now added support in the cfhighlander ec2 library for using VPC prefix lists as a source in security group rules, for both ingress and egress traffic. Cfhighlander components using this library, such as the application-loadbalancer, can make use of this new feature.
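For reference, this is what a prefix list and the security group rules that point at it look like in plain CloudFormation. It is an added example, not the cfhighlander ec2 library's configuration syntax or its generated output; the resource names, the `VpcId` parameter and the CIDRs (documentation ranges) are constructed.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Constructed example - shared prefix list referenced by security group rules

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id

Resources:
  # One managed list of trusted CIDRs. A rule that references the list
  # counts as MaxEntries rules against the security group rule quota,
  # so size it to what is needed rather than to a large round number.
  OfficePrefixList:
    Type: AWS::EC2::PrefixList
    Properties:
      PrefixListName: office-allowlist   # hypothetical name
      AddressFamily: IPv4
      MaxEntries: 5
      Entries:
        - Cidr: 192.0.2.0/24
          Description: constructed sample range (TEST-NET-1)
        - Cidr: 198.51.100.16/28
          Description: constructed sample range (TEST-NET-2)

  LoadBalancerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: HTTPS to and from the shared prefix list only
      VpcId: !Ref VpcId
      SecurityGroupIngress:
        # Ingress: the prefix list replaces a per-CIDR CidrIp rule.
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          SourcePrefixListId: !Ref OfficePrefixList
      SecurityGroupEgress:
        # Egress: same list, referenced as a destination.
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          DestinationPrefixListId: !Ref OfficePrefixList
```

Changing an entry in `OfficePrefixList` updates every rule that references it, so the rules themselves never need editing when an address changes.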

Work is also under way to roll out boilerplate prefix lists with CIDR ranges for GitHub and Bitbucket webhooks on Ciinabox 2, as well as Base2 VPN prefix lists.