Hi,
We are using Apigee SaaS hosting the API (Acts as Resource Server)
All client connects to On Premise (Webserver/Reverse Proxy) which inturn connect to Apigee SaaS - which acts as a Resource Server (due to required Governance or compliance)
In such scenario where on premise Entity (Webserver/Reverse Proxy) only connects to Apigee SaaS, I understand that Mutual TLS (2 way TLS) is always recommended by Apigee . Did not get the apigee docs link which indicating the same.
Also would like to know, what’s the recommendations from on premise Entity (Webserver/Reverse Proxy) to connect to Apigee SaaS (Resource Server) .
1.Is it only thro Mutual TLS using Internet.
Or
2. Thro VPN
3. Any other option based on above indicated design - Any Pros and Cons (If we have flexibility to choose on ?) If Internet is not an best option..
Note: none of client connect to Apiee SaaS .All Client connects only to On Premise (Webserver/Reverse Proxy) which inturn invokes API in Apigee SaaS
@Anil Sagar @ Google @Dino would like to know your comments
AFAIK, For connecting with Apigee Edge Cloud, Apigee recommends 2-way TLS.
See the similar posts here -
https://community.apigee.com/questions/21613/vpn-connections-to-aws-apigee-edge-cloud.html
https://community.apigee.com/questions/1547/security-best-practicesapproaches-between-apigee-c.html