1 Answer
- Newest
- Most votes
- Most comments
0
I've seen customers build skills against APIs hosted elsewhere as you outline in scenario 1. The only caveat I'd mention is around security and that developers should validate that a request is actually coming from Alexa by verifying the signature of the request.
If your customer has a VPN or DX link to their data center, they could also consider running their Lambda functions within the associated VPC and communicate privately with their backend APIs. It's likely opening up the APIs of their backend services as you outline in scenario 2 and might introduce other security concerns that are best avoided.
Relevant content
- asked 7 months ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago