- Newest
- Most votes
- Most comments
If you are asking if it is possible to use API Gateway only within your VPC(s)/account(s) (where callers are also internal) then API Gateway can be configured as a Private API, where only your VPC/accounts can interact with it. See here for an overview.
Using Amazon API Gateway, you can create private REST APIs that can only be accessed from your virtual private cloud in Amazon VPC by using an interface VPC endpoint. This is an endpoint network interface that you create in your VPC.
Using resource policies, you can allow or deny access to your API from selected VPCs and VPC endpoints, including across AWS accounts. Each endpoint can be used to access multiple private APIs. You can also use AWS Direct Connect to establish a connection from an on-premises network to Amazon VPC and access your private API over that connection.
If you want to expose private services within your VPC to the public Internet, you might be looking for a Private Integration:
The API Gateway private integration makes it simple to expose your HTTP/HTTPS resources within an Amazon VPC for access by clients outside of the VPC. To extend access to your private VPC resources beyond the VPC boundaries, you can create an API with private integration.
Yes you can. There are two different concepts to understand here:
a) Creating a private endpoint for API Gateway b) Having API Gateway access private resources inside a VPC
For the first, refer to this blog - https://aws.amazon.com/blogs/compute/introducing-amazon-api-gateway-private-endpoints/ or refer to the AWS documentation - https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-apis.html
For the second, refer to this blog - https://aws.amazon.com/blogs/compute/understanding-vpc-links-in-amazon-api-gateway-private-integrations/ or refer to the AWS documentation - https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-private-integration.html
Relevant content
- asked 5 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago