snippetMinor
How to only allow API Gateway requests to reach our EC2 instances
Viewed 0 times
gatewayreachinstancesec2allowhowapionlyourrequests
Problem
We have multiple EC2 instances hosting our micro-services. The autoscaling group of servers has an ELB. All traffic is routed via the AWS API Gateway. The problem is that the ELB has its HTTPS port open to the world.
How to protect our servers, so that traffic is only allowed to pass through API Gateway?
How to protect our servers, so that traffic is only allowed to pass through API Gateway?
Solution
Since November 2017, it is now possible to directly interact with servers in a VPC \o/
See:
See:
- https://stackoverflow.com/questions/32671394/can-i-specify-http-endpoint-in-a-vpc-as-resource-in-aws-api-gateway
- http://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-private-integration.html
Context
StackExchange DevOps Q#254, answer score: 6
Revisions (0)
No revisions yet.