Thanks for checking. Some of these resources and reference architecture will provide good background from a serverless standpoint.
- This is a good re:Invent presentation: https://d1.awsstatic.com/events/reinvent/2019/REPEAT_1_Best_practices_for_building_multi-region,_active-active_serverless_applications_SVS337-R1.pdf
These are also some good references you can refer to:
Creating a Multi-Region Application with AWS Services
Security-specific areas that can be referred to
You have some options to implement what you are trying to.
If you want to implement the API in just one region but you have API consumers in other regions, you can use an Edge Optimized API Gateway end-point. That adds a CloudFront distribution in front of the API Gateway, thereby ensuring that clients can get into the AWS network from the POP nearest to them, thereby reducing the latency of API calls. - https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-api-endpoint-types.html
If the Edge Optimized API Gateway does not work for you, you will need to look at implementing multi-region Regional API Gateway endpoints. You will then have to either shard your API consumers, so every region has to maintain data only for its own local consumers, or if that does not work for you, then you will have to replicate the data across all the regions. You also have to make sure that your Infrastructure as Code and CI/CD pipelines deploy your infrastructure and code in every region whenever changes are needed.
If you go with the sharding kind of approach, then every region can have its own regional end-point which is exposed to the consumers of that regional endpoint only.
If you don't want to shard consumers but want them to be able to connect to any of the regional end-points, then you can use one of two approaches - CloudFront Origin Failover or Route 53 routing policies.
CloudFront origin failover can work if you have two regions, a primary and a secondary. It however works only for GET, HEAD and OPTIONS and does not support POST or PUT requests etc. - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html
With Route 53 routing policies, you can choose Geolocation routing or Geoproximity routing or Latency routing policies - https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html
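
The multi-region Regional endpoint option with Route 53 latency routing, described in the answer above, can be sketched as a CloudFormation stack deployed once per region. This is an added example, not part of the original answer; the parameter names, the `/health` route and the `api-<region>` set identifier are assumptions.

```yaml
# Added example: deploy this same stack once in each region that serves the API.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  ApiDomainName: {Type: String}      # e.g. api.example.com (placeholder)
  RegionalCertArn: {Type: String}    # ACM certificate issued in this region
  ZoneId: {Type: String}             # public hosted zone that owns ApiDomainName
  RestApiId: {Type: String}          # REST API already deployed in this region
  StageName: {Type: String, Default: prod}
Resources:
  RegionalDomain:
    Type: AWS::ApiGateway::DomainName
    Properties:
      DomainName: !Ref ApiDomainName
      RegionalCertificateArn: !Ref RegionalCertArn
      SecurityPolicy: TLS_1_2             # refuse older TLS versions on the custom domain
      EndpointConfiguration:
        Types: [REGIONAL]
  Mapping:
    Type: AWS::ApiGateway::BasePathMapping
    Properties:
      DomainName: !Ref RegionalDomain
      RestApiId: !Ref RestApiId
      Stage: !Ref StageName
  RegionHealth:
    Type: AWS::Route53::HealthCheck
    Properties:
      HealthCheckConfig:
        Type: HTTPS
        FullyQualifiedDomainName: !Sub "${RestApiId}.execute-api.${AWS::Region}.amazonaws.com"
        ResourcePath: !Sub "/${StageName}/health"   # assumed unauthenticated health route
        RequestInterval: 30
        FailureThreshold: 3
  LatencyRecord:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref ZoneId
      Name: !Ref ApiDomainName
      Type: A
      Region: !Ref AWS::Region            # setting Region makes this a latency record
      SetIdentifier: !Sub "api-${AWS::Region}"
      HealthCheckId: !Ref RegionHealth    # an unhealthy region is left out of DNS answers
      AliasTarget:
        DNSName: !GetAtt RegionalDomain.RegionalDomainName
        HostedZoneId: !GetAtt RegionalDomain.RegionalHostedZoneId
        EvaluateTargetHealth: false
```

Because every region answers for the same domain name, each region needs its own ACM certificate for that name, and whatever authorizer the API uses has to accept the same tokens in every region so that a DNS failover does not turn into authentication failures.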