2 Answers
- Newest
- Most votes
- Most comments
1
By default, DX connection is not encrypted at rest, so you can use Site-to-Site VPN connection to combine with your solution to create a secure layer. Here is some refs for you: https://docs.aws.amazon.com/vpn/latest/s2svpn/private-ip-dx.html
answered 3 months ago
0
This approach, i.e., connecting from on prem to API Gateway to connect to the internet will work. You need to define a Private API and access it via the VPC Endpoint.
Even though the API is Private, you can use it to access public resources. A Private API means that you can access it only from a VPC.
Relevant content
- Accepted Answerasked 9 months ago
- asked 2 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 9 months ago
Interesting approach, but I'm not really concerned about in transit security at this moment, rather my focus is to avoid direct interaction with the public network. Using VPN and transit GW means higher bills as well.