AWS API Gateway访问另一个帐户中的私有API Gateway [英] AWS API Gateway access private API Gateway in another account

问题描述

账户A中是否可以有一个(公共)AWS API网关访问账户B中的一个私有API网关?

Is it possible to have a (public) AWS API Gateway in account A access a private API Gateway sitting in account B?

如果是这样，该如何配置?

If so, how is this configured?

此文章描述了设置，但在帐户A中使用具有NLB和VPC对等关系的VPC.

This article describes the setup, but uses a VPC within account A with an NLB and VPC peering.

还有其他选择吗?

推荐答案

除了VPC对等方法之外，您还可以使用Lambda函数(放在帐户A中的VPC中)和帐户B中的私有API来实现用例.帐户A中的VPC在其资源策略中的访问权限.另外请注意，对于此设置，两个VPC应该位于同一区域.

Apart from the VPC peering approach, you can implement your use case using Lambda functions (placed in a VPC in account A) and the private API in account B allowing the VPC in account A access in its resource policy. Also note, the two VPCs should be in the same region for this setup.

外观如何:

• 帐户A中的公共API已在同一帐户中设置了具有Lambda函数的集成

• Public API in account A has integration set up with a Lambda function in the same account

Lambda函数放置在VPC内(我们称为VPC A)

Lambda function is placed inside a VPC (let's call this VPC A)

私有API允许VPC A访问其资源政策

Private API in account B allows VPC A access in its resource policy

Lambda函数应该能够调用私有API并返回所需的数据

Lambda function in account A should now be able to invoke the private API and return the required data

这篇关于AWS API Gateway访问另一个帐户中的私有API Gateway的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！