Imported Google Group message. Original thread at: https://groups.google.com/forum/#!topic/tyk-community-support/Vp-a1stSXl4 Import Date: 2016-01-19 21:31:41 +0000.
Date:Monday, 23 November 2015 09:22:43 UTC.
Hope all is well.
We're very close to launching tyk in a production environment. However, one issue has come up:
When a request is made to Tyk, who actually makes the request to the API? Is it Tyk or the client?
The reason I ask is because I ran a test in AWS where my Tyk and API servers are. I opened access on port 80/443 to the Tyk server and closed access to the API server for everyone but the Tyk server security group.
After I did this, the API server could not be accessed when requests were made to Tyk.
Is this the expected behavior? I don't really want to expose my API server if I can avoid it.