by koolba 2720 days ago
Not quite. It’s not the auth mechanism or even the wire protocol. The issue is that to access traditional resources in a VPC, you need to have an IP address within the VPC to route network traffic to/from it. It’d be the same if you ran a DB on an EC2 instance or even ran your own DynamoDB clone with no auth.

AWS services don’t have that issue because they’re accessible from anywhere on the network, even through an internet gateway / internal NAT.

1 comment

I think that was my point.

Services with "native" AWS APIs use IAM for granular access management. Other services can only support access restrictions using the network, so that means VPC/Security Groups.