Gamelift VPC peering to access a private link from another VPC.

Question

Hi, I have a private link in API Gateway created in my VPC A which is invoked only by the EC2s in the VPC A (restricted by resource policy). Now I want to add my gamelift servers as well the permission to access the private link. How can I achieve this. Since gamelift fleet themselves are in an isolated VPC, How can I achieve this? If I establish a peering connection between my VPC A and the gamelift fleet, how can I configure the security group for the VPC endpoint to accept traffic from the local IP of the  Gamelift fleet since I dont want it to be over the internet for security purpose.

Accepted Answer

Hello.

If you connect GameLift and VPC A with VPC peering, you can check the VPC CIDR of the GameLift fleet.  
So, how about configuring this VPC CIDR to be allowed in the security group's inbound rules?  
https://docs.aws.amazon.com/gamelift/latest/developerguide/vpc-peering.html

Once you have configured VPC peering with GameLift, you can check the VPC CIDR of your GameLift fleet by running the following command.  
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/gamelift/describe-vpc-peering-connections.html  
```
aws gamelift describe-vpc-peering-connections
```

Gamelift VPC peering to access a private link from another VPC.

Contenido relevante