How do I create a Route53 healthcheck for a private API Gateway which uses a VPC Endpoint?

1
votes

Id like to learn how I can create a set of resources in AWS such that a Route53 healthcheck can run HTTPS checks on a private API Gateway RestAPI/HTTPAPI. The API Gateway API uses a VPC Endpoint and is private (not regional, nor edge optimized)

Currently on the Route53 documentation I dont see anywhere if running checks on private endpoints is possible. Is it possible/supported? If so, how exactly can I set this up? I am happy to use cloud formation, Powershell script, or even Terraform if such a feature is supported.

1
amazon-web-servicesaws-api-gatewayamazon-route53

1 Answers

0
votes

I dont see anywhere if running checks on private endpoints is possible. Is it possible/supported?

Its not possible to directly test these checks, as R53 health checkers use internet to check the health of an endpoint:

At regular intervals that you specify, Route 53 submits automated requests over the internet to your application, server, or other resource to verify that it's reachable, available, and functional.

The only workaround that I can think of is to create R53 health checks that monitor CloudWatch Alarms:

You can create CloudWatch alarms that monitor the status of CloudWatch metrics, such as the number of throttled read events for an Amazon DynamoDB database or the number of Elastic Load Balancing hosts that are considered healthy.