An application running inside an EC2 machine can connect to Secrets Manager using either the public endpoints of Secrets Manager (https://docs.aws.amazon.com/general/latest/gr/asm.html) or using a VPC endpoint to Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/vpc-endpoint-overview.html). If using the VPC endpoint, the traffic goes over the AWS network and not over the public internet.
Security groups are stateful firewalls that ensure only access from relevant IPs, CIDRs or other security groups is allowed, and only on the opened ports. As the name suggests, that's to protect from unauthorized access.
Thanks for the answer.
I know this. Right now I'm using a VPC endpoint, but if I didn't have the endpoint the connection with Secrets Manager wouldn't work. Why is that? What is blocking the connection? Is it the Internet gateway? Is it the router?
I'm using the AWS SDK to get the secret.