Amazon GameLift: How to tell what VPC the servers are running in - Verifying Servers' access to backend services



An expansion to an original question:

Is there a way to find which VPC and addresses the individual game servers are running on within GameLift?

Actually, in writing this, I found this thread as well:

We are just trying to make sure that certain calls to our backend services originate from within the actual servers running within GameLift and not via an outside client. UE4 packages the server and client code together, so we just want an extra layer of security check.

1 Answer

GameLift is running in a VPC owned and managed by the service. This VPC is not visible in your AWS account. If you have a need to enable private connectivity between the GameLift server fleets and a backend running in your own VPC, you can then use VPC Peering. This lets you connect to your backends using private IP addresses.

UE4 doesn't package the server and client code together if you don't want it to. In my understanding there is a way to separate server-only code from the client code, allowing you to define what kind of build you are doing and which parts of the code are even included. I believe the terminology in UE4 is Cook and Packaging. When searching UE Dev Community forums I found at least one post describing how to disable server-only code from client builds.

Even without splitting the code, your Client to Game Server backend should be secured by using known methods such as OAuth and JWTs. As for your server-to-backend communication, you could use a shared secret or some other method to validate that it's a server under your control calling and not something else on the internet.

AWS
answered a year ago
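
The answer's two suggestions for server-to-backend calls, VPC peering and a shared secret, combined into one backend-side check. This is an added example, not part of the original answer or any AWS code; the CIDR, the secret value, the 60-second window and the function names are assumptions.

```python
import hashlib
import hmac
import ipaddress
import time

# Assumptions (not from the answer): placeholder CIDR for the peered fleet VPC,
# a constructed secret and a 60-second freshness window.
# Load the real secret at runtime on the fleet; never compile it into a build
# that clients also receive.
PEERED_FLEET_CIDR = ipaddress.ip_network("10.0.0.0/16")
SHARED_SECRET = b"constructed-example-secret"
MAX_SKEW_SECONDS = 60
_seen_nonces = {}  # nonce -> signed timestamp; use a shared TTL store in production


def sign_request(secret, method, path, body, timestamp, nonce):
    """Game-server side: HMAC-SHA256 over every request field the backend acts on."""
    body_hash = hashlib.sha256(body).hexdigest()
    message = "\n".join([method.upper(), path, str(timestamp), nonce, body_hash])
    return hmac.new(secret, message.encode(), hashlib.sha256).hexdigest()


def verify_request(source_ip, method, path, body, timestamp, nonce, signature, now=None):
    """Backend side: returns (accepted, reason)."""
    now = time.time() if now is None else now
    # Layer 1: with VPC peering, fleet traffic arrives from private addresses.
    try:
        in_range = ipaddress.ip_address(source_ip) in PEERED_FLEET_CIDR
    except ValueError:
        in_range = False
    if not in_range:
        return False, "source outside peered range"
    # Layer 2: reject stale or future-dated requests.
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False, "stale timestamp"
    # Layer 3: constant-time comparison of the recomputed signature.
    expected = sign_request(SHARED_SECRET, method, path, body, timestamp, nonce)
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        return False, "bad signature"
    # Layer 4: replay check, done only for validly signed requests.
    for old in [n for n, ts in _seen_nonces.items() if now - ts > MAX_SKEW_SECONDS]:
        del _seen_nonces[old]
    if nonce in _seen_nonces:
        return False, "replayed nonce"
    _seen_nonces[nonce] = timestamp
    return True, "ok"
```

The source-address check only narrows where a request can come from; the signature is what ties it to a holder of the secret.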
