Elastic load balancers in shared VPC
Dear community, could anybody please help me with the solution below:
- I have 2 AWS accounts (Account A and Account B)
- In Account A I created a shared VPC
- In Account A I created NLB & ALB
- In Account A I created a REST API Gateway and VPC Link to NLB
- In Account A and Account B there are ECS services
I would like to have one API Gateway in front of all these ECS services (like on a picture above).
I expected, that once I have a shared VPC Ill be able to see in AWS console of Account B the ALB created in Account A... But I can not see. Am I missing something? And if the solution Im trying to build even possible?
Thanks
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
While you are sharing the VPC (or rather the subnet of it), you are not sharing the resources like ALB deployed into subnet(s).
Participants cannot view or modify resources that belong to other participant accounts.
PrivateLink would allow you to build the solution you have drawn. See https://aws.amazon.com/blogs/apn/enabling-new-saas-strategies-with-aws-privatelink/
Relevanter Inhalt
AWS OFFICIALAktualisiert vor 2 Jahren- AWS OFFICIALAktualisiert vor 9 Monaten
- AWS OFFICIALAktualisiert vor 7 Monaten
- AWS OFFICIALAktualisiert vor 10 Monaten
There is a guide https://aws.amazon.com/blogs/compute/building-private-cross-account-apis-using-amazon-api-gateway-and-aws-privatelink/ describes how to achieve that in situation when "VPCs are not shared" It makes sense... But in my case - VPC is the same, all services sit in one VPC anyway... But there is no possibility (as far as I can see) to use one single NLB & ALB for all ESC services in all accounts...