AWS API Gateway访问另一个帐户中的私有API Gateway [英] AWS API Gateway access private API Gateway in another account
问题描述
账户A中是否可以有一个(公共)AWS API网关访问账户B中的一个私有API网关?
Is it possible to have a (public) AWS API Gateway in account A access a private API Gateway sitting in account B?
如果是这样,该如何配置?
If so, how is this configured?
此文章描述了设置,但在帐户A中使用具有NLB和VPC对等关系的VPC.
This article describes the setup, but uses a VPC within account A with an NLB and VPC peering.
还有其他选择吗?
推荐答案
除了VPC对等方法之外,您还可以使用Lambda函数(放在帐户A中的VPC中)和帐户B中的私有API来实现用例.帐户A中的VPC在其资源策略中的访问权限.另外请注意,对于此设置,两个VPC应该位于同一区域.
Apart from the VPC peering approach, you can implement your use case using Lambda functions (placed in a VPC in account A) and the private API in account B allowing the VPC in account A access in its resource policy. Also note, the two VPCs should be in the same region for this setup.
外观如何:
-
帐户A中的公共API已在同一帐户中设置了具有Lambda函数的集成
Public API in account A has integration set up with a Lambda function in the same account
Lambda函数放置在VPC内(我们称为VPC A)
Lambda function is placed inside a VPC (let's call this VPC A)
私有API允许VPC A访问其资源政策
Private API in account B allows VPC A access in its resource policy
Lambda函数应该能够调用私有API并返回所需的数据
Lambda function in account A should now be able to invoke the private API and return the required data
这篇关于AWS API Gateway访问另一个帐户中的私有API Gateway的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!