Will Route 53-with-Failover Based on CloudWatch Work With A Private API-Gateway REST-API?

If an AWS region goes down (like us-east-1), will a CloudWatch-based health check that we want to use for Route 53 Failover fail to function properly if our API-Gateway REST-API is Private?

Background: We wish to fail over if an AWS region is down (hypothetical example: fail over from us-east-1 to us-east-2). A concern was raised that we may not be able to fail over from us-east-1 (or whatever region we choose) properly if our Failover Routing Policy is tied to a CloudWatch-based solution that is in us-east-1.

Details of our approach which includes fail-over:

  • VPC (with Private subnets for some of our items)
  • Use VPCE to route traffic from a non-AWS system to AWS Route 53 through a public zone. (Has to be a public zone for our needs)
  • Create CloudWatch metric / alarm. (Are either of those region specific?)
  • Create AWS Route 53 with Failover routing policy. Uses health check based on the CloudWatch metric / alarm.
  • Route 53 to Private API-Gateway (LambdaRestApi in TypeScript CDK speak)
  • Private API-Gateway to Lambda
  • And so on... Lambda to the data it needs.

Failover Routing Policy is covered in the AWS Developer Guide page "Choosing a routing policy".

Related:

Related question, but not exact: https://repost.aws/questions/QUVcLK5gUqSxKGondJkrzw0Q/private-zone-route-53-health-checks