I want to create a private integration with an internal Application Load Balancer for an Amazon API Gateway HTTP API.
Resolution
Note: If you receive errors when you run AWS Command Line Interface (AWS CLI) commands, then see Troubleshooting errors for the AWS CLI. Also, make sure that you're using the most recent AWS CLI version.
Create the VPC link
Prerequisite: Create an Application Load Balancer.
You can use either the API Gateway console or the AWS CLI to create the VPC link.
API Gateway console
Complete the following steps:
- Open the API Gateway console.
- In the navigation pane, choose VPC links, and then choose Create.
- For Choose a VPC link version, choose VPC link for HTTP APIs.
- For Name, enter a name for your VPC link.
- On the VPC dropdown list, select a VPC for your Application Load Balancer to connect to.
- For Subnets, select your subnets to include in the VPC link.
- For Security groups, select the security groups for the VPC link, and then choose Create.
AWS CLI
Run the following create-vpc-link command:
aws apigatewayv2 create-vpc-link --name MyVpcLink \
    --subnet-ids subnet-aaaa subnet-bbbb \
    --security-group-ids sg1234 sg5678
Create an HTTP API and route
Complete the following steps:
- Open the API Gateway console.
- Choose Create API.
- For HTTP API, choose Build.
- For API name, enter a name, and then choose Next.
- For Configure routes, choose Next.
- For Configure stages, choose Next, and then choose Create.
- In the navigation pane, choose Routes, and then choose Create.
- For Method, choose ANY.
- For Path, enter /{proxy+}, and then choose Create.
Create a private integration and deploy the HTTP API
Complete the following steps:
- Open the API Gateway console.
- Select your HTTP API.
- In the navigation pane, choose Integrations.
- For Integrations, choose Manage integrations, and then choose Create.
- For Attach this integration to a route, choose ANY /{proxy+}.
- For Integration target, choose Private resource.
- For Integration details, choose Select manually.
- For Target service, choose ALB/NLB.
- For Load balancer, select your Application Load Balancer.
- For Listener, choose HTTP 80.
- For VPC link, select your VPC, and then choose Create.
- If you didn't activate Auto deploy, then choose Deploy.
- For Invoke URL, note the URL and enter it into a new browser window. An example URL is https://abcdef123.execute-api.us-east-1.amazonaws.com.
Note: Private integration traffic uses the HTTP protocol. If you require private integration traffic to use HTTPS, then use the AWS Management Console to specify a TlsConfig. When you create your private integration, choose Advanced settings, and then enter a secure server name. For more information, see Create private integrations for HTTP APIs in API Gateway.
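To check which private integrations still send traffic to the load balancer over HTTP, you can audit the output of the get-integrations command for a missing TlsConfig. The following Python script is an added example, not part of the original article or of AWS tooling. The sample JSON, IDs, ARNs, host name, and function names are constructed for illustration.

```python
import json

# Constructed sample shaped like the output of `aws apigatewayv2 get-integrations`.
# Every ID, ARN and host name below is a made-up placeholder.
_ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:listener/app/example-alb/0123456789abcdef/"
SAMPLE_GET_INTEGRATIONS = json.dumps({"Items": [
    {"IntegrationId": "int-plain", "IntegrationType": "HTTP_PROXY",
     "ConnectionType": "VPC_LINK", "ConnectionId": "vpclink1",
     "IntegrationUri": _ARN + "aaaaaaaaaaaaaaaa"},
    {"IntegrationId": "int-tls", "IntegrationType": "HTTP_PROXY",
     "ConnectionType": "VPC_LINK", "ConnectionId": "vpclink1",
     "IntegrationUri": _ARN + "bbbbbbbbbbbbbbbb",
     "TlsConfig": {"ServerNameToVerify": "backend.example.internal"}},
    {"IntegrationId": "int-public", "IntegrationType": "HTTP_PROXY",
     "ConnectionType": "INTERNET", "IntegrationUri": "https://example.com"},
]})

def target_kind(uri):
    """Classify the integration target from its ARN (listener/app = ALB, listener/net = NLB)."""
    resource = uri.split(":", 5)[-1] if uri.startswith("arn:") else ""
    parts = resource.split("/")
    if len(parts) >= 2 and parts[0] == "listener":
        return {"app": "ALB", "net": "NLB"}.get(parts[1], "unknown")
    return "other"  # for example, an AWS Cloud Map service

def audit_private_integrations(raw_json):
    """Return one finding per VPC link integration, with the protocol used to reach the target."""
    findings = []
    for item in json.loads(raw_json).get("Items", []):
        if item.get("ConnectionType") != "VPC_LINK":
            continue  # not a private integration
        server_name = (item.get("TlsConfig") or {}).get("ServerNameToVerify")
        findings.append({
            "integration_id": item.get("IntegrationId"),
            "vpc_link": item.get("ConnectionId"),
            "target": target_kind(item.get("IntegrationUri", "")),
            # Without a TlsConfig, private integration traffic uses HTTP.
            "protocol": "HTTPS" if server_name else "HTTP",
            "server_name": server_name,
        })
    return findings

def plaintext_integrations(raw_json):
    """IDs of private integrations that have no TlsConfig."""
    return [f["integration_id"] for f in audit_private_integrations(raw_json)
            if f["protocol"] == "HTTP"]

if __name__ == "__main__":
    for finding in audit_private_integrations(SAMPLE_GET_INTEGRATIONS):
        print(finding)
```

To run the check against a real API, replace the sample with the JSON that get-integrations returns for your API ID.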
Related information
Amazon API Gateway HTTP API tutorials
How do I map the response status codes for API Gateway integrations in HTTP APIs?