Where to Keep Application load balancer (ALB), API gateway - Design suggestion required

0

Need to design a mobile/web app and need suggestion on infra part. I have decided to use application load balancer (ALB), but not sure should I have an API gateway as the entry point to the app or the application load balancer will be used as the entry point?

1개 답변
1

Hi,

The answer is depends ;)

API Gateway comes with a series of mechanism/features/integrations that make it a typical case as API facade. For instance, you get:

  • well separated authorization layer (via Lambda authorizers, Cognito or JWT)
  • Usage plan with throttling and request limits
  • API versioning via stages
  • canary releases
  • integration with CloudFront, WAF depending on the type (REST vs HTTP)

There are some limitations as number of request per seconds (10000), payload size and more (https://docs.aws.amazon.com/apigateway/latest/developerguide/limits.html). It is more expensive than ALB.

With ALB you can do OIDC and Cognito, achieve throttling via WAF, and generally scales better, but then you lose some of above.

Without having data on usage, users distribution, organization size and more, is bit tricky, but I have seen following architectures:

  • CloudFront + WAF -> API GW ->Lambda
  • CloudFront + WAF -> ALB -> Lambda/EKS
  • Cloudfront + WAF -> API GW -> ALB -> Lambda/EKS
  • Cloudfront + WAF -> ALB -> APIGW -> Lambda/EKS

So you can use them individually or have api gw in front of or behind apigw. The first 2 are the easiest cases and will fit most of cases. CloudFront can be omitted but typically is good for latency and edge optimized APIs. The latter ones I have seen in case of heavy multi account setup and traffic inspection in regulated environment, many internal APIs and more complex.

Eventually, if you expect massive traffic, ALB is better, but then you lose out of box features I mentioned. API GW will scale too, with certain limits.

Finally another option for mobile could be AppSync (GraphQL) but I left it out as wasn’t of your ask, though it can reduce the number of http apis from client to server.

Hope it helps

profile picture
전문가
답변함 일 년 전
전문가
검토됨 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인