Hi,
We currently have a few Reverse Proxies to our AWS Elastic Beanstalk applications however we would like to limit access to the EB applications so that only Apigee can access them. So far the best way I can think to do this is to limit the access to the Load Balancer to only Apigee's IP range but I was wondering if anyone out there has a better idea?
Thanks
Apigee supports Mutual TLS(MTLS), so authenticating requests from Apigee can be done whitelisting certificates instead. This is cleaner and cloud-native approach as Apigee MP IPs are ephemeral, so Message Processors (MP) come and go as capacity expands or shrinks.
What type of app are you building on Elastic Beanstalk? I mean Node.js, Java, etc.
You can enable MTLS by something like AWS Gateway on your end.
Ah so I have to use API Gateway? I was hoping to not have to do that, for no other reason other that it is another link in the chain (web-app->apigee->apigateway->lb->eb->java-app)
Thanks anyway though.
Two options that occur to me, if you want to save that hop:
User | Count |
---|---|
1 | |
1 | |
1 | |
1 | |
1 |