- Newest
- Most votes
- Most comments
An application running inside an EC2 machine can connect to Secrets Manager using either the public endpoints of Secrets Manager (https://docs.aws.amazon.com/general/latest/gr/asm.html) or using a VPC endpoint to Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/vpc-endpoint-overview.html). If using the VPC endpoint, the traffic goes over the AWS network and not over the public internet.
Security groups are stateful firewalls to ensure access only from relevant IPs, CIDRs or other security groups are allowed on the opened ports only. As the name suggests, that's to protect from unauthorized access.
Thanks for the answer.
I know this. Right now I'm using a VPC endpoint but if I didn't have the endpoint the connection with the secrets manager wouldn't work. Why is that? What is blocking the connection? Is the Internet gateway? Is the router?
I'm using the aws sdk to get the secret.
Relevant content
- asked 2 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago