
How to only allow API Gateway requests to reach our EC2 instances

Submitted by: @import:stackexchange-devops

Problem

We have multiple EC2 instances hosting our micro-services. The autoscaling group of servers has an ELB. All traffic is routed via the AWS API Gateway. The problem is that the ELB has its HTTPS port open to the world.

How to protect our servers, so that traffic is only allowed to pass through API Gateway?

Solution

Since November 2017, it is now possible to directly interact with servers in a VPC \o/

See:

  • https://stackoverflow.com/questions/32671394/can-i-specify-http-endpoint-in-a-vpc-as-resource-in-aws-api-gateway
  • http://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-private-integration.html

Context

StackExchange DevOps Q#254, answer score: 6
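
A check for the exposure described in the question, as an added example that is not part of the original post: it reads data in the shape of `aws ec2 describe-security-groups` output and reports ingress rules that leave a port (443 by default) reachable from any address. The sample data, group IDs and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
# Group IDs are hypothetical placeholders.
SAMPLE = {
    "SecurityGroups": [
        {"GroupId": "sg-elb-example", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
        {"GroupId": "sg-internal-example", "IpPermissions": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
             "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
        {"GroupId": "sg-allproto-example", "IpPermissions": [
            {"IpProtocol": "-1", "IpRanges": [],
             "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    ]
}

def covers_port(rule, port):
    """True if an ingress rule applies to the given TCP port."""
    proto = rule.get("IpProtocol")
    if proto == "-1":  # all protocols; no FromPort/ToPort is present
        return True
    if proto not in ("tcp", "6"):
        return False
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    return lo is not None and hi is not None and lo <= port <= hi

def world_open_cidrs(rule):
    """CIDRs in the rule with prefix length 0 (0.0.0.0/0 or ::/0)."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [c for c in cidrs
            if ipaddress.ip_network(c, strict=False).prefixlen == 0]

def find_world_open(description, port=443):
    """Return (group_id, cidr) for each rule exposing the port to everyone."""
    findings = []
    for group in description.get("SecurityGroups", []):
        for rule in group.get("IpPermissions", []):
            if covers_port(rule, port):
                for cidr in world_open_cidrs(rule):
                    findings.append((group["GroupId"], cidr))
    return findings

if __name__ == "__main__":
    for group_id, cidr in find_world_open(SAMPLE):
        print(f"{group_id}: port 443 reachable from {cidr}")
```

An empty result for the load balancer's security group indicates that HTTPS is no longer accepted from arbitrary addresses.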
