1 個回答
- 最新
- 最多得票
- 最多評論
0
Hi,
You can create a new IAM role that all instances in the fleet will assume to access your API Gateway (AWS Console: Create Fleet | Define fleet details | Additional details | Instance role). See Communicate with other AWS resources from your fleets for more details.
While creating the role you can define a policy that will allow fleet instances to communicate with the API Gateway instance. Additionally you can configure API Gateway endpoints to enforce IAM based authorization for the clients, thus all client requests to the API endpoints will have to be digitally signed with the SigV4 signature. See Control access for invoking an API and How Amazon API Gateway works with IAM for more details.
Regards.
已回答 1 個月前
相關內容
- 已提問 1 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前
Hi, Thanks for the reply. I am wondering if doing a VPC peering with a VPC link is needed? Or just a resource policy can make it secure?