How to secure Target services (AWS EC2) ?

I have a API running on an AWS EC2 instance. This API I want to proxy thru Apigee, this needs to be secure.What is the best approach? I am authenticating jwt token for client, Can this jwt token (or part of it) be used for the backend authentication? Due to AWS ALB 2way-TLS is not an option to be considered.

0 1 189
1 REPLY 1

Not applicable

With aws ALB you can have 2 way TLS.

If still you see for other options,

I would prefer oauth 2,

JWT can be used at backend for authentication. You can try that.