(AWS) mTLS finally available on Application Load Balancer
Until 26 November 2023, the main way to get a managed mTLS solution on AWS was through the API Gateway service.
... but a new feature is out: ALB now supports mTLS too!

Mutual authentication (mTLS) is commonly used for business-to-business (B2B) applications such as online banking, automobile, or gaming devices to authenticate devices using digital certificates. Companies typically use it with a private certificate authority (CA) to authenticate their clients before granting access to data and services.
How to use mTLS on AWS ALB
You can do exactly the same thing using the AWS CLI.
⚠️
mTLS is not available on the Application Load Balancer controller for EKS yet.
The feature should be available during January 2024.
Subscribe to the feature request to stay up to date: https://github.com/kubernetes-sigs/aws-load-balancer-controller/issues/3499
Web console
- Create a trust store

- Use it on AWS ALB
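
The same two steps with the AWS CLI, as an added example that is not part of the original post. The trust store name, S3 bucket and key, and listener ARN are placeholders read from environment variables (assumptions), and the CA bundle is assumed to be a PEM file already uploaded to S3.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of "create a trust store" + "use it on the ALB".
# TS_NAME, CA_BUCKET, CA_KEY and LISTENER_ARN are placeholders you must set.
# Usage: ./alb-mtls.sh apply     (this file name is hypothetical)

# With DRY_RUN=1 a single function prints its command instead of calling AWS,
# so the exact request can be reviewed before it is sent.
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s ' "$@"; printf '\n'
  else
    "$@"
  fi
}

# Step 1: create the trust store from the CA bundle in S3; prints its ARN.
create_trust_store() {  # args: name bucket key
  run aws elbv2 create-trust-store \
    --name "$1" \
    --ca-certificates-bundle-s3-bucket "$2" \
    --ca-certificates-bundle-s3-key "$3" \
    --query 'TrustStores[0].TrustStoreArn' --output text
}

# Step 2: attach the trust store to an HTTPS listener. Mode=verify makes the
# ALB validate the client certificate chain against the trust store itself.
enable_mtls() {  # args: listener_arn trust_store_arn
  run aws elbv2 modify-listener \
    --listener-arn "$1" \
    --mutual-authentication "Mode=verify,TrustStoreArn=$2,IgnoreClientCertificateExpiry=false"
}

# Check: read back what the listener is actually enforcing.
show_mtls() {  # args: listener_arn
  run aws elbv2 describe-listeners --listener-arns "$1" \
    --query 'Listeners[0].MutualAuthentication'
}

# Entry point: does nothing unless called with "apply".
if [ "${1:-}" = "apply" ]; then
  set -eu
  ts_arn=$(create_trust_store "$TS_NAME" "$CA_BUCKET" "$CA_KEY")
  enable_mtls "$LISTENER_ARN" "$ts_arn"
  show_mtls "$LISTENER_ARN"
fi
```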

Official reference
Mutual authentication for Application Load Balancer reliably verifies certificate-based client identities | Amazon Web Services
Today, we are announcing support for mutually authenticating clients that present X509 certificates to Application Load Balancer. With this new feature, you can now offload client authentication to the load balancer, ensuring only trusted clients communicate with their backend applications. This new…
