如何为具有私有终结点类型的Amazon

如何为具有私有终结点类型的Amazon

本文介绍了如何为具有私有终结点类型的Amazon API Gateway API定义自定义域名的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们将API网关设置为仅在 VPC VPC端点中可以访问.在 AWS API网关中,您可以使用 Edge Region 配置创建自定义域.有什么办法可以将DNS名称从Route53映射到 私有 类型的API网关丑陋的" DNS名称或VPC端点DNS名称,但是会自动设置标头参数(是否还可以发送请求VPC端点,但需要指定header: <APIGW DNS>)?

We are setting API Gateway to be accessible only inside VPC or VPC endpoints. In AWS API Gateway you can create a custom domain with Edge or Regional configuration. Is there any way somehow point map DNS name from Route53 to API Gateway "ugly" DNS name for Private type or to VPC Endpoint DNS name but with setting the header parameter automatically(it's also possible to send request VPC Endpoint but with specifying header: <APIGW DNS>)?

推荐答案

这是不可能的.

https://docs.aws.amazon .com/apigateway/latest/developerguide/apigateway-private-apis.html

如果您真的想使用此功能,则可以通过在VPC内运行的代理服务器(例如HAProxy或Nginx)来完成此功能,该代理服务器接受对自定义域的请求并将请求转发给API网关私有端点使用正确的Host标头和正确的TLS SNI ...,但这会增加复杂性并在堆栈中创建一个额外的依赖关系,该依赖关系仅出于为仅可使用的API拥有不丑陋的域名的目的而显得不合理内部.

If you really wanted this functionality, it could be accomplished with a proxy server (e.g. HAProxy or Nginx) running inside the VPC that accepts requests for the custom domain and forwards requests to the API Gateway private endpoint using the correct Host header and the correct TLS SNI... but this increases complexity and creates an additional dependency in your stack that seems unjustifiable just for the purpose of having a non-ugly domain name for an API that is only consumable internally.

这篇关于如何为具有私有终结点类型的Amazon API Gateway API定义自定义域名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-06 18:57