堆栈内存溢出
  简体   繁体   English

如何从运行 PHP 的 Google App Engine 安全访问 AWS RDS 数据

[英]How to securely access AWS RDS data from Google App Engine running PHP

 原文  2020-08-19 23:45:17       php/ amazon-web-services/ google-app-engine/ amazon-rds/ serverless

问题描述

I have this setup currently.我目前有这个设置。

My front end runs on Google App Engine ( GAE ) on PHP. I use PDO to connect to an open AWS RDS MYSLQ 8.我的前端在 PHP 上运行在 Google App Engine ( GAE ) 上。我使用 PDO 连接到一个开放的 AWS RDS MYSLQ 8。

I can not move the data out of the AWS RDS instance.我无法将数据移出 AWS RDS 实例。

I have been requested to make the RDS secure and not allow open in coming ports like 0.0.0.0/0 in the AWS security group.我被要求确保 RDS 安全,并且不允许在 AWS 安全组中打开即将到来的端口,如 0.0.0.0/0。

I want to know if there is a serverless way to achieve this type of connection without setting up a EC proxy or an Google Compute Engine server.我想知道是否有一种无服务器方式可以在不设置 EC 代理或 Google Compute Engine 服务器的情况下实现这种类型的连接。

I am not able to find a solution and all known solution points to setting up a proxy.我找不到解决方案,所有已知的解决方案都指向设置代理。

Any one have any thoughts on this problem?有人对这个问题有什么想法吗?

1 个解决方案

解决方案1
 0  2020-08-20 12:35:29

It's hard to tell something without any codes and errors stacks etc. But I have some thoughts.没有任何代码和错误堆栈等很难说出一些东西。但我有一些想法。

If you are thinking of "serverless" solution.如果您正在考虑“无服务器”解决方案。 "serverless" does not mean that there is no server, but it means that there is no need to care about sever which is being maintained by some service provider (like GAE or other). “无服务器”并不意味着没有服务器,而是意味着不需要关心由某些服务提供商(如 GAE 或其他)维护的服务器。 So practically there is no 100% serverless solution, but it's just covered behind provider logic.所以实际上没有 100% 的无服务器解决方案,但它只是被提供者逻辑所覆盖。

The main question is that you cannot connect to RDS.主要问题是您无法连接到 RDS。 This should be possible form local machine.这应该可以从本地机器实现。 So you should be able to develop something that is working on your local machine and than for sure you are able to deploy the same logic to App Engine.因此,您应该能够开发出可在本地计算机上运行的东西,而且您肯定能够将相同的逻辑部署到 App Engine。

If above is not possible, you should consider GCP cloud SQL or serverless.如果以上不可能,您应该考虑 GCP 云 SQL 或无服务器。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何从不同的 AWS 区域访问 RDS Proxy? - How to Access RDS Proxy from a Different AWS Region? GAE - 如何在 quarkus java11 应用程序中配置从 Google App Engine 访问 Cloud SQL? - GAE - How to configure access to Cloud SQL from Google App Engine in quarkus java11 app? 如何从计算引擎访问谷歌驱动器 - How to access google drive from compute engine 如何在 React 应用程序中使用 fetch 从 AWS RDS 获取数据? - How to use fetch to fetch data from AWS RDS in a react application? 无法从 Google App Engine 上的 URL 连接到运行 Strapi 的进程 - Cannot connect to the process running Strapi from URL on Google App Engine 如何将对谷歌应用程序引擎 flask 端点的访问限制为仅应用程序代码(或应用程序引擎服务帐户) - How to limit access to google app engine flask endpoints to just application code (or app engine service accounts) CORS PHP 和 Google App Engine - CORS on PHP and Google App Engine 如何为 google data studio 添加安全组以访问我的 amayon RDS? - How do I add security group for google data studio to access my amayon RDS? 如何将数据从 Google Cloud VM 迁移到 Google Kube.netes Engine? - How to migrate data from Google Cloud VM to Google Kubernetes Engine? 如何将数据从 Source Oracle DB 传输/迁移到 aws oracle rds - how to transfer/migrate data from Source Oracle DB to aws oracle rds
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM