BATIAI-2314: Configure deny by default for the shared ALB

[bushong1]

Fixes Issue: BATIAI-2314

Description:

Security Impact Analysis Questionnaire

Submitter Checklist

• Is there an impact on Auditing and Logging procedures or capabilities?
• Is there an impact on Authentication procedures or capabilities?
• Is there an impact on Authorization procedures or capabilities?
• Is there an impact on Communication Security procedures or capabilities?
• Configures a deny-by-default stance for our Public load balancers until an engineer explicitly states what domains are valid.
• Is there an impact on Cryptography procedures or capabilities?
• Is there an impact on Sensitive Data procedures or capabilities?
• Is there an impact on any other security-related procedures or capabilities?
• No security impacts identified.

Security Risks Identified - For any applicable items on the "Submitter Checklist," describe the impact of the change and any implemented mitigations.

[robo-gotham]

Snyk Scanning for Commit: 1a3f8be

Snyk Infrastructure as Code

• Snyk testing Infrastructure as Code configuration issues.
  ✔ Test completed.

Issues
No vulnerable paths were found!

---

Test Summary

Organization: batcave-ispg
Project name: CMS-Enterprise/batcave-tf-cluster

✔ Files without issues: 10
✗ Files with issues: 0
Ignored issues: 0
Total issues: 0 [ 0 critical, 0 high, 0 medium, 0 low ]

---

Report Complete

Your test results are available at: https://snyk.io/org/batcave-ispg/projects
under the name: CMS-Enterprise/batcave-tf-cluster

[jonos-cms]

Thanks for putting this together! I did a screenshare review with the purple team, and we collectively like this solution. Thank you for keeping the response generic.