1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
2
While you are sharing the VPC (or rather the subnet of it), you are not sharing the resources like ALB deployed into subnet(s).
Participants cannot view or modify resources that belong to other participant accounts.
PrivateLink would allow you to build the solution you have drawn. See https://aws.amazon.com/blogs/apn/enabling-new-saas-strategies-with-aws-privatelink/
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
There is a guide https://aws.amazon.com/blogs/compute/building-private-cross-account-apis-using-amazon-api-gateway-and-aws-privatelink/ describes how to achieve that in situation when "VPCs are not shared" It makes sense... But in my case - VPC is the same, all services sit in one VPC anyway... But there is no possibility (as far as I can see) to use one single NLB & ALB for all ESC services in all accounts...