I would like to use Cloudflare Access to add authentication to my backend service on AWS. Additional step to do is whitelist Cloudflare IPs on AWS security group to prevent access from outside. This is all fine but what prevents another Cloudflare user to point to my AWS endpoint (ie AWS load balancer) and completely circumvent settings I did in Cloudflare Access?
Thanks!