How do you build APIs that consume cross-account resources (and do it securely)?
Operating multiple accounts is an AWS best practice — it helps shard your work, distribute limits, and better segment your environments. It can be challenging to build APIs that consume resources in different accounts, but you have a few options:
- Use VPC peering or Transit Gateway to enable communication between two private VPCs.
- Expose your services publicly and allow resources from other accounts and VPCs to consume them. Add security controls to prevent unauthorized use.