Network Firewall and API Gateway : how to ?
Is it useful to use a Network Firewall in an API Gateway based solution, a VPC Link to a private subnet containing a private ALB with ECS services ?
If yes, how to configure the solution to inspect the flows through the firewall?
- 最新
- 最多得票
- 最多評論
You should definitely use AWS WAF with API Gateway to protect you against well known vulnerabilities such as OWASP - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-aws-waf.html
As regards using a Network Firewall for IDS/IPS capabilities, some patterns are discussed here - https://docs.aws.amazon.com/whitepapers/latest/building-scalable-secure-multi-vpc-network-infrastructure/centralized-inbound-inspection.html
You should be able to adapt the API Gateway architecture to fit into these patterns.
相關內容
AWS 官方已更新 6 個月前- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前