1 Answer
2
While you are sharing the VPC (or rather the subnet of it), you are not sharing the resources, like the ALB, deployed into the subnet(s).
Participants cannot view or modify resources that belong to other participant accounts.
PrivateLink would allow you to build the solution you have drawn. See https://aws.amazon.com/blogs/apn/enabling-new-saas-strategies-with-aws-privatelink/
There is a guide, https://aws.amazon.com/blogs/compute/building-private-cross-account-apis-using-amazon-api-gateway-and-aws-privatelink/, that describes how to achieve that in a situation when "VPCs are not shared". It makes sense... But in my case the VPC is the same; all services sit in one VPC anyway... But there is no possibility (as far as I can see) to use one single NLB & ALB for all ESC services in all accounts...