APIGateway 私有API的VPC endpoint是否开启DNS有什么区别

APIGateway 私有API的VPC endpoint是否开启DNS有什么区别

未启用私有DNS

  • 从vpc内访问APIGateway regional api(非私有API)不受影响,会将APIGateway的解析为公有IP

    $ curl https://region-app-id.execute-api.cn-north-1.amazonaws.com.cn/dev
    [
      {
        "id": 1,
        "type": "fish",
        "price": 249.99
      },
      {
        "id": 2,
        "type": "fish",
        "price": 124.99
      },
      {
        "id": 3,
        "type": "fish",
        "price": 0.99
      }
    ]
    
  • 从vpc内访问私有API
    无法使用私有DNS名称调用私有API,私有DNS名称没有解析结果

    $ curl https://private-app-id.execute-api.cn-north-1.amazonaws.com.cn/dev
    curl: (6) Could not resolve host: hc31cifr6a.execute-api.cn-north-1.amazonaws.com.cn
    

    使用特定于终端节点的公有DNS主机名调用私有API成功

    $ curl https://vpce-xxxxx-8xxxxxgm.execute-api.cn-north-1.vpce.amazonaws.com.cn/dev -H'x-apigw-api-id:app-id'
    [
      {
        "id": 1,
        "type": "dog",
        "price": 249.99
      },
      {
        "id": 2,
        "type": "cat",
        "price": 124.99
      },
      {
        "id": 3,
        "type": "fish",
        "price": 0.99
      }
    ]
    

启用了私有DNS

  • 从vpc内访问Regional api受影响,解析为私有IP

    $ curl -v https://app-id.execute-api.cn-north-1.amazonaws.com.cn/dev
    * Host app-d.execute-api.cn-north-1.amazonaws.com.cn:443 was resolved.
    * IPv6: (none)
    * IPv4: 10.0.10.240, 10.0.150.229
    *   Trying 10.0.10.240:443...
    * Connected to cpvnfwf97a.execute-api.cn-north-1.amazonaws.com.cn (10.0.10.240) port 443
    * ALPN: curl offers h2,http/1.1
    * TLSv1.3 (OUT), TLS handshake, Client hello (1):
    *  CAfile: /etc/pki/tls/certs/ca-bundle.crt
    *  CApath: none
    * TLSv1.3 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 / prime256v1 / rsaEncryption
    * ALPN: server accepted http/1.1
    * Server certificate:
    *  subject: CN=*.execute-api.cn-north-1.amazonaws.com.cn
    *  start date: Dec 17 00:00:00 2023 GMT
    *  expire date: Nov 29 23:59:59 2024 GMT
    *  subjectAltName: host "app-id.execute-api.cn-north-1.amazonaws.com.cn" matched cert's "*.execute-api.cn-north-1.amazonaws.com.cn"
    *  issuer: C=US; O=Amazon; CN=Amazon RSA 2048 M01
    *  SSL certificate verify ok.
    *   Certificate level 0: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
    *   Certificate level 1: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
    *   Certificate level 2: Public key type RSA (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
    * using HTTP/1.x
    > GET /dev HTTP/1.1
    > Host: app-id.execute-api.cn-north-1.amazonaws.com.cn
    > User-Agent: curl/8.5.0
    > Accept: */*
    >
    < HTTP/1.1 403 Forbidden
    < Server: Server
    < Date: Mon, 10 Jun 2024 02:26:05 GMT
    < Content-Type: application/json
    < Content-Length: 23
    < Connection: keep-alive
    < x-amzn-RequestId: 202d0b5f-744a-4b06-b129-9936e066e3be
    < x-amzn-ErrorType: ForbiddenException
    < x-amz-apigw-id: apigw-id
    <
    * Connection #0 to host cpvnfwf97a.execute-api.cn-north-1.amazonaws.com.cn left intact
    {"message":"Forbidden"}
    
  • 从vpc内访问Private api
    使用私有DNS名称调用私有API成功

    $ curl https://app-id.execute-api.cn-north-1.amazonaws.com.cn/dev
    [
      {
        "id": 1,
        "type": "dog",
        "price": 249.99
      },
      {
        "id": 2,
        "type": "cat",
        "price": 124.99
      },
      {
        "id": 3,
        "type": "fish",
        "price": 0.99
      }
    ]
    

    使用特定于终端节点的公有DNS主机名调用私有API成功

    	$ curl https://vpce-xxxxx-84szh5gm.execute-api.cn-north-1.vpce.amazonaws.com.cn/dev -H'x-apigw-api-id:app-id'
    [
      {
        "id": 1,
        "type": "dog",
        "price": 249.99
      },
      {
        "id": 2,
        "type": "cat",
        "price": 124.99
      },
      {
        "id": 3,
        "type": "fish",
        "price": 0.99
      }
    ]
    
内容概要:本文档系统整合了基于MATLAB/Simulink的风力涡轮机雷达信号仿真、电力系统优化、新能源调控及多领域智能算法应用资源,涵盖风电功率平抑、混合储能协同调频、综合能源系统调度、无人机三维路径规划、电动汽车参与调度、电氢氨耦合系统优化等前沿科研方向。资源包提供大量可复现的Matlab代码、Simulink仿真模型、数据集及配套论文,涉及GWO、PSO、WOA、HHO等多种智能优化算法,以及LSTM、CNN、GRU等深度学习模型在负荷预测、故障诊断、信号处理中的应用,尤其聚焦于风电与雷达信号交互、储能功率分配、虚拟电厂运行、微电网多时间尺度优化等关键技术的仿真实现。; 适合人群:具备一定MATLAB编程基础,从事电力系统、新能源、智能优化、信号处理、雷达仿真、综合能源管理等相关领域的科研人员及研究生;工作1-3年相关方向的工程师。; 使用场景及目标:①开展风力发电系统与雷达信号交互仿真研究;②复现高水平期刊论文中的优化调度、故障诊断、功率预测模型;③进行无人机路径规划、储能系统设计、综合能源系统优化等课题研究与论文撰写;④借助成熟的代码框架快速搭建仿真模型,提升科研效率与工程实践能力。; 阅读建议:建议按主题分类浏览资源列表,优先选择标注“复现”“顶刊”“EI”等高价值项目,结合提供的网盘链接下载完整代码与数据,配合Simulink仿真模型与说明文档进行调试与二次开发,注重算法实现与实际工程问题的深度融合。
评论 1
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值