
I have a VPC with a public subnet (with a NAT gateway) and a private subnet. As part of designing microservices on the AWS platform, my goal is:

1. EC2 in the private subnet
2. Load balancer pointing to the EC2 instances in the private subnet
3. API Gateway pointing to the load balancer

My problem is that I can only use an Application Load Balancer when the instance is in the public subnet, but then the load balancer is accessible publicly. However, I want my services to be accessed only through API Gateway.

I have read about using an NLB + VPC Link; however, the EC2 instances should still be in the public subnet. No luck trying it with the private subnet.


1 Answer


Allow the traffic only from the Network Load Balancer to the instances in the public subnet, or see https://aws.amazon.com/premiumsupport/knowledge-center/public-load-balancer-private-ec2/

"You can now provide access to HTTP(S) resources within your Amazon Virtual Private Cloud (VPC) without exposing them directly to the public Internet. You can use API Gateway to create an API endpoint that is integrated with your VPC. You create an endpoint to your VPC by setting up a VPC link between your VPC and a Network Load Balancer (NLB), which is provided by Elastic Load Balancing. The NLB sends requests to multiple destinations in your VPC such as Amazon EC2 instances, Auto Scaling groups, or Amazon ECS services. NLBs also support private connectivity over AWS Direct Connect, so that applications in your own data centers will be able to connect to your VPC via the Amazon private network."

https://aws.amazon.com/about-aws/whats-new/2017/11/amazon-api-gateway-supports-endpoint-integrations-with-private-vpcs/
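The API Gateway -> VPC Link -> internal NLB -> private EC2 layout the answer points to, as an added example (not the answer author's code and not an AWS artifact): it builds a CloudFormation template in which the NLB is internal, sits in the private subnets, and the instance security group only admits the NLB's subnet CIDRs, then checks those invariants. VPC, subnet, CIDR and instance IDs are placeholders you substitute with your own.

```python
"""Build and check a CloudFormation template: API Gateway -> VPC Link -> internal NLB -> private EC2."""
import json


def build_template(vpc_id, private_subnets, private_cidrs, instance_ids, port=80):
    """Return a CloudFormation template (dict) for API Gateway reaching EC2 in private subnets."""
    # Instance security group: ingress only from the private subnets the NLB lives in.
    # Traffic arriving through a VPC Link is sourced from the NLB's private IPs, not the caller's IP,
    # so nothing outside the VPC can reach the instances directly. Attach this SG to the instances.
    ingress = [{"IpProtocol": "tcp", "FromPort": port, "ToPort": port, "CidrIp": c} for c in private_cidrs]
    resources = {
        "InstanceSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "GroupDescription": "Allow only the NLB subnets", "VpcId": vpc_id, "SecurityGroupIngress": ingress}},
        # Internal NLB in the private subnets: it gets no public IP and no public DNS reachability.
        "Nlb": {"Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": {
            "Type": "network", "Scheme": "internal", "Subnets": private_subnets}},
        "Targets": {"Type": "AWS::ElasticLoadBalancingV2::TargetGroup", "Properties": {
            "VpcId": vpc_id, "Protocol": "TCP", "Port": port, "TargetType": "instance",
            "Targets": [{"Id": i, "Port": port} for i in instance_ids]}},
        "Listener": {"Type": "AWS::ElasticLoadBalancingV2::Listener", "Properties": {
            "LoadBalancerArn": {"Ref": "Nlb"}, "Protocol": "TCP", "Port": port,
            "DefaultActions": [{"Type": "forward", "TargetGroupArn": {"Ref": "Targets"}}]}},
        # The VPC Link is the only path from API Gateway into the VPC; it targets the NLB ARN.
        "VpcLink": {"Type": "AWS::ApiGateway::VpcLink", "Properties": {
            "Name": "private-services", "TargetArns": [{"Ref": "Nlb"}]}},
        "Api": {"Type": "AWS::ApiGateway::RestApi", "Properties": {"Name": "private-services-api"}},
        "ProxyResource": {"Type": "AWS::ApiGateway::Resource", "Properties": {
            "RestApiId": {"Ref": "Api"}, "ParentId": {"Fn::GetAtt": ["Api", "RootResourceId"]},
            "PathPart": "{proxy+}"}},
        "ProxyMethod": {"Type": "AWS::ApiGateway::Method", "Properties": {
            "RestApiId": {"Ref": "Api"}, "ResourceId": {"Ref": "ProxyResource"}, "HttpMethod": "ANY",
            "AuthorizationType": "AWS_IAM",  # callers must sign requests; swap for your authorizer
            "RequestParameters": {"method.request.path.proxy": True},
            "Integration": {"Type": "HTTP_PROXY", "IntegrationHttpMethod": "ANY",
                            "ConnectionType": "VPC_LINK", "ConnectionId": {"Ref": "VpcLink"},
                            "Uri": {"Fn::Sub": "http://${Nlb.DNSName}:%d/{proxy}" % port},
                            "RequestParameters": {"integration.request.path.proxy": "method.request.path.proxy"}}}},
    }
    return {"AWSTemplateFormatVersion": "2010-09-09", "Resources": resources}


def check_private_only(template):
    """True when the services stay reachable only via API Gateway: internal NLB, VPC_LINK, no 0.0.0.0/0."""
    r = template["Resources"]
    nlb_internal = r["Nlb"]["Properties"]["Scheme"] == "internal"
    via_vpc_link = r["ProxyMethod"]["Properties"]["Integration"]["ConnectionType"] == "VPC_LINK"
    no_open_ingress = all(i["CidrIp"] != "0.0.0.0/0" for i in r["InstanceSg"]["Properties"]["SecurityGroupIngress"])
    return nlb_internal and via_vpc_link and no_open_ingress


if __name__ == "__main__":  # placeholder IDs; print the template for `aws cloudformation deploy`
    tpl = build_template("vpc-PLACEHOLDER", ["subnet-priv-a", "subnet-priv-b"],
                         ["10.0.1.0/24", "10.0.2.0/24"], ["i-PLACEHOLDER"], port=8080)
    print(json.dumps(tpl, indent=2), "\nprivate-only:", check_private_only(tpl))
```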