1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
Hi,
You can create a new IAM role that all instances in the fleet will assume to access your API Gateway (AWS Console: Create Fleet | Define fleet details | Additional details | Instance role). See Communicate with other AWS resources from your fleets for more details.
While creating the role you can define a policy that will allow fleet instances to communicate with the API Gateway instance. Additionally you can configure API Gateway endpoints to enforce IAM based authorization for the clients, thus all client requests to the API endpoints will have to be digitally signed with the SigV4 signature. See Control access for invoking an API and How Amazon API Gateway works with IAM for more details.
Regards.
beantwortet vor einem Monat
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
Hi, Thanks for the reply. I am wondering if doing a VPC peering with a VPC link is needed? Or just a resource policy can make it secure?