Posted On: Nov 7, 2019

Elastic Load Balancing now supports TLS termination on Network Load Balancers. With this new feature, you can offload the decryption/encryption of TLS traffic from your application servers to the Network Load Balancer, which helps you optimize the performance of your backend application servers while keeping your workloads secure. Additionally, Network Load Balancers preserve the source IP of the clients to the back-end applications, while terminating TLS on the load balancer. 

TLS termination on Network Load Balancers also offers centralized deployment of SSL certificates by integrating with Identity Access Manager (IAM). You can also optionally configure encryption to the targets. This feature also provides the flexibility of predefined security polices, which enables you to control the ciphers and protocols the load balancers present to your clients, thus providing strong security posture for your applications. 

TLS termination on Network Load Balancers is now available in AWS China (Beijing) Region, operated by Sinnet, and AWS China (Ningxia) Region, operated by NWCD. 

TLS termination on Network Load Balancers is fully integrated with AWS PrivateLink and is also supported by AWS CloudFormation. 

To learn more about this feature, please refer to the blog, and the Elastic Load Balancing Documentation.