1 Answer
0
Since ECS Service Connect is built on top of AWS Cloud Map for service discovery and AWS App Mesh for the networking control, you'll be leveraging these services to achieve your goals. To prevent the Core service from communicating with the Auth service in AWS ECS using the same namespace, you can use AWS App Mesh to control traffic flow. Here's a simplified approach:
- Define your services (Gateway, Core, Auth) as virtual services within App Mesh.
- Create routes that specifically allow:
  - Gateway to communicate with Core and Auth.
- Prevent Core from communicating with Auth by not defining any route between them in App Mesh.
This approach focuses on using AWS App Mesh's capabilities to control and route traffic between your services, effectively isolating Core and Auth from each other while still allowing both to communicate with Gateway.
For ref: https://docs.aws.amazon.com/app-mesh/latest/userguide/what-is-app-mesh.html
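An added example, not part of the answer above and not AWS code: a Python check that the Gateway/Core/Auth isolation still holds in the mesh configuration. It assumes virtual node objects shaped like the `virtualNode` object from `aws appmesh describe-virtual-node`, where `spec.backends` lists the virtual services a node is expected to call; the node names, the `*.app.local` service names and the `ALLOWED` matrix are constructed for illustration.

```python
# Audit App Mesh virtual node specs against an intended call matrix.
# All names below are constructed for illustration (assumptions, not from the page).

# Intended policy: Gateway may call Core and Auth; Core and Auth call nothing.
ALLOWED = {
    "gateway": {"core.app.local", "auth.app.local"},
    "core": set(),
    "auth": set(),
}

# Constructed sample: only the fields this check reads.
SAMPLE_NODES = [
    {"virtualNodeName": "gateway", "spec": {"backends": [
        {"virtualService": {"virtualServiceName": "core.app.local"}},
        {"virtualService": {"virtualServiceName": "auth.app.local"}}]}},
    # Configuration drift: Core has gained Auth as a backend.
    {"virtualNodeName": "core", "spec": {"backends": [
        {"virtualService": {"virtualServiceName": "auth.app.local"}}]}},
    {"virtualNodeName": "auth", "spec": {}},
]


def declared_backends(node):
    """Return the set of virtual service names a node lists as backends."""
    backends = node.get("spec", {}).get("backends") or []
    return {b["virtualService"]["virtualServiceName"]
            for b in backends if "virtualService" in b}


def audit(nodes, allowed, egress_filter="DROP_ALL"):
    """Return (node, finding, detail) tuples; an empty list means compliant."""
    findings = []
    # With the mesh egress filter set to ALLOW_ALL, the proxy passes traffic
    # to endpoints that are not declared backends, so the matrix is not enforced.
    if egress_filter != "DROP_ALL":
        findings.append(("mesh", "egress-filter", egress_filter))
    for node in nodes:
        name = node["virtualNodeName"]
        if name not in allowed:
            findings.append((name, "unknown-node", None))
            continue
        for svc in sorted(declared_backends(node) - allowed[name]):
            findings.append((name, "unexpected-backend", svc))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_NODES, ALLOWED):
        print(finding)
```
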
Given the potential complexity of App Mesh, could Security Groups provide a simpler way to achieve our security goals for this application? Are there limitations of Security Groups we should consider?