{"id":3671,"date":"2025-03-01T13:30:37","date_gmt":"2025-03-01T04:30:37","guid":{"rendered":"https:\/\/blue-bear.jp\/kb\/?p=3671"},"modified":"2025-03-01T13:30:38","modified_gmt":"2025-03-01T04:30:38","slug":"aws-privatelink%e3%82%92%e4%bd%bf%e3%81%a3%e3%81%9fnlb%e3%81%b8%e3%81%ae%e6%8e%a5%e7%b6%9a%e6%96%b9%e6%b3%95","status":"publish","type":"post","link":"https:\/\/blue-bear.jp\/kb\/aws-privatelink%e3%82%92%e4%bd%bf%e3%81%a3%e3%81%9fnlb%e3%81%b8%e3%81%ae%e6%8e%a5%e7%b6%9a%e6%96%b9%e6%b3%95\/","title":{"rendered":"AWS PrivateLink\u3092\u4f7f\u3063\u305fNLB\u3078\u306e\u63a5\u7d9a\u65b9\u6cd5"},"content":{"rendered":"\n

\u306f\u3058\u3081\u306b<\/h2>\n\n\n\n

AWS\u3092\u5229\u7528\u3059\u308b\u969b\u3001\u7570\u306a\u308bVPC\u9593\u3067\u306e\u901a\u4fe1\u3092\u5b89\u5168\u306b\u884c\u3046\u65b9\u6cd5\u3068\u3057\u3066\u3001AWS PrivateLink<\/strong>\u304c\u6709\u52b9\u3067\u3059\u3002\u7279\u306b\u3001Network Load Balancer (NLB)<\/strong> \u306e\u80cc\u5f8c\u306b\u3042\u308bEC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b\u5225\u306eVPC\u304b\u3089\u30a2\u30af\u30bb\u30b9\u3059\u308b\u5834\u5408\u3001PrivateLink\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u3084VPC Peering\u3092\u4ecb\u3055\u305a\u306b\u30bb\u30ad\u30e5\u30a2\u306a\u63a5\u7d9a\u3092\u78ba\u7acb\u3067\u304d\u307e\u3059\u3002<\/p>\n\n\n\n

\u672c\u8a18\u4e8b\u3067\u306f\u3001AWS PrivateLink\u3092\u6d3b\u7528\u3057\u3066\u3001\u5225VPC\u306b\u3042\u308bNLB\u306b\u63a5\u7d9a\u3059\u308b\u65b9\u6cd5<\/strong>\u3092\u89e3\u8aac\u3057\u307e\u3059\u3002<\/p>\n\n\n\n

\n\n\n\n

1. ALB vs NLB: PrivateLink\u3067\u3069\u3061\u3089\u3092\u4f7f\u3046\u3079\u304d\u304b\uff1f<\/h2>\n\n\n\n

AWS\u3067\u30ed\u30fc\u30c9\u30d0\u30e9\u30f3\u30b5\u3092\u4f7f\u3046\u5834\u5408\u3001\u4e3b\u306bApplication Load Balancer (ALB)<\/strong> \u3068 Network Load Balancer (NLB)<\/strong> \u306e2\u7a2e\u985e\u304c\u3042\u308a\u307e\u3059\u304c\u3001PrivateLink\u3092\u4f7f\u7528\u3059\u308b\u5834\u5408\u306f NLB\u3092\u9078\u629e\u3059\u308b\u306e\u304c\u57fa\u672c<\/strong> \u3067\u3059\u3002<\/p>\n\n\n\n

NLB\u3092\u9078\u629e\u3059\u3079\u304d\u7406\u7531<\/strong><\/h3>\n\n\n\n
    \n
  1. PrivateLink\u306e\u5bfe\u5fdc<\/strong>\n
      \n
    • PrivateLink\u306fNLB\u3092\u4f7f\u7528\u3059\u308b\u3053\u3068\u3067VPC\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u3092\u4f5c\u6210<\/strong>\u3067\u304d\u307e\u3059\u3002ALB\u3092\u76f4\u63a5PrivateLink\u306b\u9069\u7528\u3059\u308b\u3053\u3068\u306f\u3067\u304d\u307e\u305b\u3093\u3002<\/li>\n<\/ul>\n<\/li>\n\n\n\n
    • \u4f4e\u30ec\u30a4\u30c6\u30f3\u30b7\u30fc<\/strong>\n
        \n
      • NLB\u306fTCP\/UDP\u30ec\u30d9\u30eb\u306e\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0<\/strong>\u3092\u884c\u3046\u305f\u3081\u3001ALB\u3088\u308a\u3082\u9ad8\u901f\u3067\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n\n\n\n
      • \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306eIP\u30a2\u30c9\u30ec\u30b9\u900f\u904e<\/strong>\n
          \n
        • NLB\u3092\u4f7f\u7528\u3059\u308b\u3068\u3001\u5143\u306e\u30af\u30e9\u30a4\u30a2\u30f3\u30c8IP\u30a2\u30c9\u30ec\u30b9\u304c\u305d\u306e\u307e\u307e\u4fdd\u6301\u3055\u308c\u307e\u3059\u3002ALB\u3067\u306f X-Forwarded-For<\/code> \u30d8\u30c3\u30c0\u30fc\u3092\u4f7f\u7528\u3057\u306a\u3044\u3068\u5143\u306eIP\u304c\u5206\u304b\u3089\u306a\u304f\u306a\u308a\u307e\u3059\u3002<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n\n\n\n

          ALB\u3092\u4f7f\u3044\u305f\u3044\u5834\u5408<\/strong><\/h3>\n\n\n\n

          ALB\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306f\u3001NLB\u3092\u7d4c\u7531\u3057\u3066ALB\u306b\u8ee2\u9001\u3059\u308b\u69cb\u6210<\/strong>\u3092\u53d6\u308b\u3053\u3068\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n\n\n\n

            \n
          • PrivateLink \u2192 NLB<\/strong> \u2192 ALB \u2192 EC2<\/li>\n\n\n\n
          • \u305f\u3060\u3057\u3001PrivateLink\u7d4c\u7531\u3067HTTP(S)\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u51e6\u7406\u3057\u305f\u3044\u5834\u5408\u306f\u3001ALB\u306e\u524d\u306bNLB\u3092\u8a2d\u7f6e\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/li>\n<\/ul>\n\n\n\n
            \n\n\n\n

            2. AWS PrivateLink\u3092\u4f7f\u3063\u3066NLB\u306b\u63a5\u7d9a\u3059\u308b\u624b\u9806<\/h2>\n\n\n\n

            \u2460 NLB\u3092\u6301\u3064VPC\u3067VPC\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u3092\u4f5c\u6210<\/strong><\/h3>\n\n\n\n

            NLB\u304c\u5b58\u5728\u3059\u308bVPC\u3067\u3001PrivateLink\u3092\u5229\u7528\u3059\u308b\u305f\u3081\u306e VPC\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9<\/strong> \u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n

              \n
            1. AWS\u30b3\u30f3\u30bd\u30fc\u30eb\u3067\u300cVPC\u300d\u3092\u958b\u304f<\/strong><\/li>\n\n\n\n
            2. \u5de6\u30e1\u30cb\u30e5\u30fc\u304b\u3089\u300c\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u300d\u3092\u9078\u629e<\/li>\n\n\n\n
            3. \u300c\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u306e\u4f5c\u6210\u300d\u3092\u30af\u30ea\u30c3\u30af<\/li>\n\n\n\n
            4. NLB\u3092\u9078\u629e\u3057\u3066\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u3092\u4f5c\u6210<\/li>\n\n\n\n
            5. \u30b5\u30fc\u30d3\u30b9\u540d (com.amazonaws.vpce-svc-xxxxxxxxxxxxxxxxx<\/code>) \u3092\u78ba\u8a8d<\/strong><\/li>\n<\/ol>\n\n\n\n

              \u2461 \u63a5\u7d9a\u3059\u308bVPC\u3067\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u3092\u4f5c\u6210<\/strong><\/h3>\n\n\n\n

              \u5225\u306eVPC\u304b\u3089NLB\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u305f\u3081\u306b\u3001\u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8<\/strong> \u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n\n\n\n

                \n
              1. \u300cVPC\u300d\u2192\u300c\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u300d\u3092\u958b\u304f<\/strong><\/li>\n\n\n\n
              2. \u300c\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306e\u4f5c\u6210\u300d\u3092\u30af\u30ea\u30c3\u30af<\/li>\n\n\n\n
              3. \u30b5\u30fc\u30d3\u30b9\u540d\u306b \u4f5c\u6210\u3057\u305f\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9 (com.amazonaws.vpce-svc-xxxxxxxxxxxxxxxxx<\/code>)<\/strong> \u3092\u5165\u529b<\/li>\n\n\n\n
              4. \u30b5\u30d6\u30cd\u30c3\u30c8\u3068\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3092\u9069\u5207\u306b\u8a2d\u5b9a<\/li>\n\n\n\n
              5. \u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u304c\u4f5c\u6210\u3055\u308c\u305f\u3089\u3001DNS\u540d (vpce-xxxxxxxxxxxx-yyyyyyyy.vpce.amazonaws.com<\/code>) \u3092\u78ba\u8a8d<\/strong><\/li>\n<\/ol>\n\n\n\n

                \u2462 DNS\u3092\u4f7f\u7528\u3057\u3066NLB\u306b\u30a2\u30af\u30bb\u30b9<\/strong><\/h3>\n\n\n\n

                \u4f5c\u6210\u3057\u305fVPC\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306eDNS\u540d\u3092\u4f7f\u7528\u3057\u3066\u3001NLB\u7d4c\u7531\u3067EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b\u30a2\u30af\u30bb\u30b9\u3067\u304d\u307e\u3059\u3002<\/p>\n\n\n\n

                \u63a5\u7d9a\u30b3\u30de\u30f3\u30c9\uff08\u4f8b\uff09<\/strong><\/h4>\n\n\n\n
                curl -v http:\/\/vpce-xxxxxxxxxxxx-yyyyyyyy.vpce.amazonaws.com\n<\/code><\/pre>\n\n\n\n
                \u307e\u305f\u3001Route 53\u306e\u30d7\u30e9\u30a4\u30d9\u30fc\u30c8\u30db\u30b9\u30c8\u30be\u30fc\u30f3\u3092\u5229\u7528\u3057\u3066\u3001\u3088\u308a\u308f\u304b\u308a\u3084\u3059\u3044\u30ab\u30b9\u30bf\u30e0\u30c9\u30e1\u30a4\u30f3\u540d\u3092\u8a2d\u5b9a\u3059\u308b\u3053\u3068\u3082\u53ef\u80fd\u3067\u3059\u3002<\/p>\n\n\n\n
                \n\n\n\n
                3. \u30c8\u30e9\u30d6\u30eb\u30b7\u30e5\u30fc\u30c6\u30a3\u30f3\u30b0<\/h2>\n\n\n\n
                com.amazonaws.vpce-svc-<\/code> \u306e\u30b5\u30fc\u30d3\u30b9\u540d\u304c\u8868\u793a\u3055\u308c\u306a\u3044<\/strong><\/h3>\n\n\n\n
                  \n
                • \u539f\u56e0<\/strong>: VPC\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u304c\u6b63\u3057\u304f\u4f5c\u6210\u3055\u308c\u3066\u3044\u306a\u3044<\/li>\n\n\n\n
                • \u89e3\u6c7a\u7b56<\/strong>:\n
                    \n
                  • \u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u304c\u300c\u627f\u8a8d\u306a\u3057\u3067\u5229\u7528\u53ef\u80fd\u300d\u306b\u306a\u3063\u3066\u3044\u308b\u304b\u78ba\u8a8d<\/li>\n\n\n\n
                  • NLB\u306e\u30bf\u30fc\u30b2\u30c3\u30c8\u30b0\u30eb\u30fc\u30d7\u304c\u6b63\u3057\u304f\u8a2d\u5b9a\u3055\u308c\u3066\u3044\u308b\u304b\u30c1\u30a7\u30c3\u30af<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n
                    elasticloadbalancing.ap-northeast-1.amazonaws.com<\/code> \u3067\u30a2\u30af\u30bb\u30b9\u3067\u304d\u306a\u3044<\/strong><\/h3>\n\n\n\n
                      \n
                    • \u539f\u56e0<\/strong>: \u3053\u308c\u306fAWS\u63d0\u4f9b\u306eELB\u30b5\u30fc\u30d3\u30b9\u7528DNS\u540d\u3067\u3042\u308a\u3001\u30e6\u30fc\u30b6\u30fc\u304c\u4f5c\u6210\u3057\u305fNLB\u7528\u3067\u306f\u306a\u3044<\/strong><\/li>\n\n\n\n
                    • \u89e3\u6c7a\u7b56<\/strong>:\n
                        \n
                      • aws ec2 describe-vpc-endpoint-services<\/code> \u3067\u306f\u306a\u304f\u3001\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9\u306e\u30da\u30fc\u30b8\u3067\u30b5\u30fc\u30d3\u30b9\u540d\u3092\u76f4\u63a5\u78ba\u8a8d<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n
                        ❌ \u63a5\u7d9a\u3067\u304d\u306a\u3044\uff08\u30bf\u30a4\u30e0\u30a2\u30a6\u30c8\uff09<\/strong><\/h3>\n\n\n\n
                          \n
                        • \u539f\u56e0<\/strong>: \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3084\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u8a2d\u5b9a\u306e\u554f\u984c<\/li>\n\n\n\n
                        • \u89e3\u6c7a\u7b56<\/strong>:\n
                            \n
                          • NLB\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u306b\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u306eVPC CIDR\u3092\u8a31\u53ef<\/strong><\/li>\n\n\n\n
                          • \u30bf\u30fc\u30b2\u30c3\u30c8\u30b0\u30eb\u30fc\u30d7\u306e\u30d8\u30eb\u30b9\u30c1\u30a7\u30c3\u30af\u3092\u78ba\u8a8d<\/strong><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n
                            \n\n\n\n
                            \u307e\u3068\u3081<\/h2>\n\n\n\n
                            AWS PrivateLink\u3092\u5229\u7528\u3057\u3066\u3001\u7570\u306a\u308bVPC\u304b\u3089NLB\u3092\u7d4c\u7531\u3057\u3066EC2\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306b\u30a2\u30af\u30bb\u30b9\u3059\u308b\u65b9\u6cd5<\/strong> \u3092\u89e3\u8aac\u3057\u307e\u3057\u305f\u3002<\/p>\n\n\n\n
                            \u8981\u70b9<\/strong><\/h3>\n\n\n\n
                            ✅ PrivateLink\u7d4c\u7531\u3067\u306e\u63a5\u7d9a\u306b\u306f NLB\u304c\u5fc5\u8981<\/strong>
                            VPC\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u30b5\u30fc\u30d3\u30b9<\/strong> \u3092\u4f5c\u6210\u3057\u3001\u4ed6\u306eVPC\u304b\u3089\u306e\u63a5\u7d9a\u3092\u8a31\u53ef
                            \u30a4\u30f3\u30bf\u30fc\u30d5\u30a7\u30a4\u30b9\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\u3092\u4f5c\u6210\u3057\u3001\u5c02\u7528\u306eDNS\u540d\u3092\u5229\u7528<\/strong>
                            \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30b0\u30eb\u30fc\u30d7\u3084\u30eb\u30fc\u30c6\u30a3\u30f3\u30b0\u306e\u9069\u5207\u306a\u8a2d\u5b9a\u304c\u5fc5\u8981<\/strong><\/p>\n\n\n\n
                            AWS PrivateLink\u3092\u6d3b\u7528\u3059\u308c\u3070\u3001\u7570\u306a\u308bVPC\u9593\u3067\u306e\u901a\u4fe1\u3092\u3088\u308a\u5b89\u5168\u306b\u3001\u304b\u3064\u30b7\u30f3\u30d7\u30eb\u306b<\/strong>\u5b9f\u73fe\u3067\u304d\u307e\u3059\u3002\u9069\u5207\u306b\u8a2d\u5b9a\u3092\u884c\u3044\u3001\u5b89\u5168\u3067\u9ad8\u901f\u306a\u901a\u4fe1\u74b0\u5883\u3092\u69cb\u7bc9\u3057\u307e\u3057\u3087\u3046\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"
                            \u306f\u3058\u3081\u306b AWS\u3092\u5229\u7528\u3059\u308b\u969b\u3001\u7570\u306a\u308bVP<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[559],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts\/3671"}],"collection":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/comments?post=3671"}],"version-history":[{"count":1,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts\/3671\/revisions"}],"predecessor-version":[{"id":3672,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/posts\/3671\/revisions\/3672"}],"wp:attachment":[{"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/media?parent=3671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/categories?post=3671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blue-bear.jp\/kb\/wp-json\/wp\/v2\/tags?post=3671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}