AWS SDK Calls to Cognito/Cloudfront From VPC without Internet Connection
We have a client which requires all of the resources are deployed within a VPC. If possible, service-to-service comms should not be happening via the IG/NAT gateways, but via VPC endpoints.
For the majority of the system, it was fine. But then I reached Cognito and Cloudfront. In the app code, there are a couple of AWS SDK calls that interact with APIs of these services.
So, naturally, since these services do not support VPC endpoints, I guess the IG/NAT gateway option is my only option here?
Thank you!
- 新しい順
- 投票が多い順
- コメントが多い順
Correct, Neither Cognito nor Cloudfront support VPC endpoint and Private Link, thus you have to go via Internet.
AWS services that integrate with AWS PrivateLink: https://docs.aws.amazon.com/vpc/latest/privatelink/aws-services-privatelink-support.html
Hope it clarifies.
関連するコンテンツ
- 質問済み 6年前
AWS公式更新しました 2年前
