- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
An application running inside an EC2 machine can connect to Secrets Manager using either the public endpoints of Secrets Manager (https://docs.aws.amazon.com/general/latest/gr/asm.html) or using a VPC endpoint to Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/vpc-endpoint-overview.html). If using the VPC endpoint, the traffic goes over the AWS network and not over the public internet.
Security groups are stateful firewalls to ensure access only from relevant IPs, CIDRs or other security groups are allowed on the opened ports only. As the name suggests, that's to protect from unauthorized access.
Thanks for the answer.
I know this. Right now I'm using a VPC endpoint but if I didn't have the endpoint the connection with the secrets manager wouldn't work. Why is that? What is blocking the connection? Is the Internet gateway? Is the router?
I'm using the aws sdk to get the secret.
Contenuto pertinente
- AWS UFFICIALEAggiornata 10 mesi fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 9 mesi fa