Reputation:
Using a VPC for API Gateway and RDS | AWS
I am new to AWS. I have a REST API I built with Django and want to deploy it on AWS API Gateway. I also have that connecting to a PostgreSQL database on AWS RDS.
I've heard that it is more secure to put both in a VPC. But, I don't really know how that makes it more secure. What does putting them both in a VPC actually do? Thanks!
Upvotes: 0
Views: 208
Answers (1)
Reputation: 5580
Since you probably don't want anyone to access the DB directly, with VPC you can lock down the DB to only be available to your API. In addition, while your API needs to be accessible from the internet anyway, you can have robust logging, traffic filtering, and access control that run separately from the application. That is, even if the application framework turns out to have a security hole, the VPC rules might be able to mitigate them, and even when the attacker managed to get into the API controller and wreak havoc, the logging exists separately and still works. Depending on your configuration, it can even alert you for unforeseen traffic.
Upvotes: 1
Related Questions
- Connect to RDS through VPC Peering
- Access RDS from VPC Lambda
- Access Api Gateway API operation from VPC?
- AWS private API Gateway through VPC Endpoint
- AWS Lambda and RDS outside a VPC
- Accessing RDS from EC2 instance in separate VPC
- Amazon Web Services EC2 to RDS Connectivity with VPC
- Putting both Lambda and RDS in default VPC behind an API Gateway?
- AWS VPC Setup for RDS access
- AWS - moving RDS to VPC