Restrict MozDef Kibana internally Only

This seem perfect solution but only concern which might many organization have.

ALB is associated with public IP and Kibana dashboard published on internet whereas we are looking for solution where ALB should associate with Local IP and Kibana dashboard must be accessible from internally.

How to configure to use Okta for SSO.

Is it possible to make changes in stack ?