Where to Keep Application load balancer (ALB), API gateway - Design suggestion required

0

Need to design a mobile/web app and need suggestion on infra part. I have decided to use application load balancer (ALB), but not sure should I have an API gateway as the entry point to the app or the application load balancer will be used as the entry point?

1 Answer
1

Hi,

The answer is depends ;)

API Gateway comes with a series of mechanism/features/integrations that make it a typical case as API facade. For instance, you get:

  • well separated authorization layer (via Lambda authorizers, Cognito or JWT)
  • Usage plan with throttling and request limits
  • API versioning via stages
  • canary releases
  • integration with CloudFront, WAF depending on the type (REST vs HTTP)

There are some limitations as number of request per seconds (10000), payload size and more (https://docs.aws.amazon.com/apigateway/latest/developerguide/limits.html). It is more expensive than ALB.

With ALB you can do OIDC and Cognito, achieve throttling via WAF, and generally scales better, but then you lose some of above.

Without having data on usage, users distribution, organization size and more, is bit tricky, but I have seen following architectures:

  • CloudFront + WAF -> API GW ->Lambda
  • CloudFront + WAF -> ALB -> Lambda/EKS
  • Cloudfront + WAF -> API GW -> ALB -> Lambda/EKS
  • Cloudfront + WAF -> ALB -> APIGW -> Lambda/EKS

So you can use them individually or have api gw in front of or behind apigw. The first 2 are the easiest cases and will fit most of cases. CloudFront can be omitted but typically is good for latency and edge optimized APIs. The latter ones I have seen in case of heavy multi account setup and traffic inspection in regulated environment, many internal APIs and more complex.

Eventually, if you expect massive traffic, ALB is better, but then you lose out of box features I mentioned. API GW will scale too, with certain limits.

Finally another option for mobile could be AppSync (GraphQL) but I left it out as wasn’t of your ask, though it can reduce the number of http apis from client to server.

Hope it helps

profile picture
EXPERT
answered a year ago
EXPERT
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions