1 Answer
I can think of a couple of ways of doing this but they all boil down to (more or less) the same thing:
Have a Lambda function running on the private subnet to do the health check (that you already have); and then use a VPC Endpoint for another AWS service to send the results out from that Lambda function. You could use SNS or SQS (both of which could trigger another Lambda function directly); or you could use CloudWatch Synthetics.
Note that the VPC endpoint does introduce additional cost (but then, so does NAT Gateway) but it restricts the access from the private subnet to the service that you've created the endpoint for. You can also use an endpoint policy to further restrict access if you like.
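As an added example (not part of the answer above, and not AWS's own code): a sketch of the endpoint policy the last paragraph mentions, limiting an SNS interface endpoint to `sns:Publish` on one topic by the health-check Lambda's role, plus a small audit that flags the full-access policy an endpoint gets when none is supplied. The ARNs and the names `build_endpoint_policy` and `audit_endpoint_policy` are assumptions made for illustration.

```python
import json

# Constructed placeholder ARNs (assumptions, not from the original answer).
TOPIC_ARN = "arn:aws:sns:us-east-1:111122223333:health-check-results"
ROLE_ARN = "arn:aws:iam::111122223333:role/health-check-lambda"

# What an interface endpoint gets when no policy is supplied: full access.
DEFAULT_POLICY = {"Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "*", "Resource": "*"}]}


def build_endpoint_policy(topic_arn, role_arn):
    """Endpoint policy allowing only sns:Publish to one topic by one role."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "PublishHealthResultsOnly",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "sns:Publish",
            "Resource": topic_arn,
            # Narrow the wildcard principal to the Lambda's execution role.
            "Condition": {"ArnEquals": {"aws:PrincipalArn": role_arn}},
        }],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def audit_endpoint_policy(policy):
    """Return findings for Allow statements that are broader than needed."""
    findings = []
    for i, st in enumerate(_as_list(policy.get("Statement", []))):
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", f"statement[{i}]")
        if any(a == "*" or a.endswith(":*") for a in _as_list(st.get("Action", []))):
            findings.append(f"{sid}: wildcard action")
        if any(r == "*" for r in _as_list(st.get("Resource", []))):
            findings.append(f"{sid}: wildcard resource")
        if st.get("Principal") in ("*", {"AWS": "*"}) and not st.get("Condition"):
            findings.append(f"{sid}: any principal, no condition")
    return findings


if __name__ == "__main__":
    print(audit_endpoint_policy(DEFAULT_POLICY))
    print(json.dumps(build_endpoint_policy(TOPIC_ARN, ROLE_ARN), indent=2))
```

The audit only inspects `Action`, `Resource` and `Principal` on Allow statements; it does not evaluate `NotAction` or Deny statements.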