Hello,
I have an HTTP API Gateway set up with a VPC Link and a private integration and all I get back when hitting my route is a 503.
Here's the setup:
- ECS Fargate Cluster with private subnets
- ECS Task running and reporting healthy
- ALB in private subnets using Target Group pointing to the ECS Task - all is reported as healthy
- VPC Link in private subnets of the same VPC as the other stuff
- API Gateway with proxy route with private integration pointing to the ALB mentioned above
- Security groups seem to be ok (VPC Link groups allow HTTP/S traffic only from my IP, ALB groups allow all traffic, ECS service groups allow all traffic)
The thing is, I have this exact same setup with the same task in another cluster and VPC and it is working fine there. I use Terraform to build all this out so it is literally identical. I have tried recreating everything and it hasn't helped.
Here's the message I am logging to CloudFront:
    {
        "httpMethod": "GET",
        "integrationErrorMessage": "-",
        "protocol": "HTTP/1.1",
        "requestId": "EqS4wjhWCYcEMJg=",
        "requestTime": "09/May/2023:15:21:40 +0000",
        "resourcePath": "-",
        "responseLength": "33",
        "routeKey": "ANY /{proxy+}",
        "sourceIp": my_ip,
        "status": "503",
        "errMsg": "Service Unavailable",
        "errType": "INTEGRATION_NETWORK_FAILURE",
        "intError": "-",
        "intIntStatus": "200",
        "intLat": "9003",
        "intReqID": "-",
        "intStatus": "-"
    }
This seems to indicate that the integration can't talk to the ALB but I have no idea why. Also the response always takes just around 9 seconds.
EDIT: I just spun up an EC2 instance in the same VPC (albeit in the public subnet) and I can hit the private ALB with it
Perhaps your load balancer was created as external instead of internal and thus it can be accessed over the public internet but not over VPC link? Please share the Terraform code if you would like further assistance.
I'm having the exact same problem with the same tech stack (also built with Terraform). @donkee any luck figuring it out?
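An added example, not code from any poster in this thread: a small offline check of the ALB scheme raised in the reply above, plus the security group path from the VPC Link to the ALB listener. The function names are hypothetical and the sample data is constructed in the shape of the `get_vpc_link`, `describe_load_balancers` and `describe_security_groups` responses; the empty egress list on the VPC Link group is an assumption made for illustration, not something the thread states.

```python
import ipaddress

def _rule_allows(rule, port, peer_sgs, peer_cidrs):
    """True if one IpPermissions entry permits TCP `port` to or from the peer."""
    proto = rule.get("IpProtocol")
    if proto not in ("-1", "tcp"):
        return False
    if proto == "tcp" and not rule["FromPort"] <= port <= rule["ToPort"]:
        return False
    if any(p["GroupId"] in peer_sgs for p in rule.get("UserIdGroupPairs", [])):
        return True
    nets = [ipaddress.ip_network(r["CidrIp"]) for r in rule.get("IpRanges", [])]
    # Conservative: one rule must cover every peer subnet to count as a match.
    return bool(peer_cidrs) and all(
        any(ipaddress.ip_network(c).subnet_of(n) for n in nets) for c in peer_cidrs)

def check_private_integration(vpc_link, alb, sgs, subnet_cidrs, port):
    """Return findings for the ALB scheme and the VPC Link -> ALB path."""
    findings = []
    if alb["Scheme"] != "internal":
        findings.append(f"ALB scheme is {alb['Scheme']}, expected internal")
    link_sgs, alb_sgs = set(vpc_link["SecurityGroupIds"]), set(alb["SecurityGroups"])
    link_nets = [subnet_cidrs[s] for s in vpc_link["SubnetIds"]]
    alb_nets = [subnet_cidrs[z["SubnetId"]] for z in alb["AvailabilityZones"]]
    if not any(_rule_allows(r, port, alb_sgs, alb_nets)
               for g in link_sgs for r in sgs[g]["IpPermissionsEgress"]):
        findings.append(f"no VPC Link egress rule reaches the ALB on tcp/{port}")
    if not any(_rule_allows(r, port, link_sgs, link_nets)
               for g in alb_sgs for r in sgs[g]["IpPermissions"]):
        findings.append(f"no ALB ingress rule admits the VPC Link on tcp/{port}")
    return findings

# Constructed sample data; every ID, CIDR and rule below is made up.
SUBNETS = {"subnet-a": "10.0.1.0/24", "subnet-b": "10.0.2.0/24"}
ALLOW_ALL = {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}
SGS = {
    "sg-link": {"IpPermissions": [{"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80,
                                   "IpRanges": [{"CidrIp": "203.0.113.7/32"}]}],
                "IpPermissionsEgress": []},
    "sg-alb": {"IpPermissions": [ALLOW_ALL], "IpPermissionsEgress": [ALLOW_ALL]},
}
VPC_LINK = {"SecurityGroupIds": ["sg-link"], "SubnetIds": ["subnet-a", "subnet-b"]}
ALB = {"Scheme": "internet-facing", "SecurityGroups": ["sg-alb"],
       "AvailabilityZones": [{"SubnetId": "subnet-a"}, {"SubnetId": "subnet-b"}]}

if __name__ == "__main__":
    for finding in check_private_integration(VPC_LINK, ALB, SGS, SUBNETS, 80):
        print(finding)
```

Running the same function over the describe output of the working and the failing environment shows where two supposedly identical deployments actually differ.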