I will complain about the solution with NLB. Why? It's not serverless anymore because NLB is alive all the time and you need to pay for it. Using API Gateway and Lambda we can pay only for usage.
But going back to the question.
FinneyCanHelp, is it a private API Gateway?
If not, you can easily go with CustomDomain available in API Gateway.
If yes, you need to make some tricks. You can go with the solution from Oli or use Route53 alias. In this doc, you can find all methods of invoking Private API Gateway.
If I understand you correctly, you would like to front API Gateway with a friendly hostname configured in Route53. If this is what you are after, consider this post - https://georgemao.medium.com/enabling-private-apis-with-custom-domain-names-aws-api-gateway-df1b62b0ba7c . It's currently an easy workaround that you can use by fronting an NLB with API Gateway but using a custom domain name for your private API Gateway resources.
"private API Gateway" = true
Then you can use the automatically created Route53 alias to communicate with the private API Gateway, as I linked above. It will automatically route your traffic through the VPC Endpoint to the API Gateway. But remember to add a resource policy to API Gateway to limit traffic only from your VPC or from the VPC Endpoint.
Btw. how are you communicating from non-AWS workload to private resources in the VPC?
In regards to "how are you communicating from non-AWS workload to private resources in the VPC?" AWS Direct Connect is part of it from what I understand. In the past, others used VPCEs to route an AWS-thing's traffic from non-AWS to AWS over a private Direct Connect.
Use VPCE (of type Interface) to route traffic from non-AWS-system to AWS Route 53. Route 53 to API-Gateway. API-Gateway to Lambda.
This is related: https://aws.amazon.com/blogs/compute/introducing-amazon-api-gateway-private-endpoints/ and reading the Conclusion at the bottom is important.
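An earlier comment in this thread advises adding a resource policy so the private API only accepts traffic from your VPC or VPC endpoint. The following is an added example, not code from the thread or from AWS: it builds that policy using the `aws:SourceVpce` / `aws:SourceVpc` condition keys and checks it against constructed requests. The endpoint ID is a placeholder, and `is_allowed` is a simplified check for this policy shape only, not the IAM evaluation engine.

```python
import json

def private_api_policy(vpce_ids=(), vpc_ids=()):
    """Resource policy for a private REST API: allow execute-api:Invoke, but
    explicitly deny calls that did not arrive via the listed endpoints or VPCs."""
    if bool(vpce_ids) == bool(vpc_ids):
        raise ValueError("pass exactly one of vpce_ids or vpc_ids")
    key, values = (("aws:SourceVpce", vpce_ids) if vpce_ids
                   else ("aws:SourceVpc", vpc_ids))
    base = {"Principal": "*", "Action": "execute-api:Invoke",
            "Resource": "execute-api:/*"}
    return {
        "Version": "2012-10-17",
        "Statement": [
            # Explicit Deny: fires for any source that is not on the list.
            {"Effect": "Deny", **base,
             "Condition": {"StringNotEquals": {key: list(values)}}},
            # Broad Allow: only reachable when the Deny above did not match.
            {"Effect": "Allow", **base},
        ],
    }

def is_allowed(policy, context):
    """Simplified evaluation (assumption: only StringNotEquals is used).
    An explicit Deny always wins; a missing context key counts as 'not equal'."""
    allowed = False
    for stmt in policy["Statement"]:
        cond = stmt.get("Condition", {}).get("StringNotEquals", {})
        matches = all(context.get(k) not in v for k, v in cond.items())
        if matches and stmt["Effect"] == "Deny":
            return False
        if matches and stmt["Effect"] == "Allow":
            allowed = True
    return allowed

if __name__ == "__main__":
    # Constructed placeholder endpoint ID; substitute your own.
    policy = private_api_policy(vpce_ids=["vpce-0123456789abcdef0"])
    print(json.dumps(policy, indent=2))
    for ctx in ({"aws:SourceVpce": "vpce-0123456789abcdef0"},
                {"aws:SourceVpce": "vpce-0fedcba9876543210"},
                {}):
        print(ctx, "->", "allow" if is_allowed(policy, ctx) else "deny")
```

The printed JSON can be attached as the API's resource policy; the API must be redeployed for a policy change to take effect.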