
Configuration of NLB Targets and API Integration Request when connecting a REST API to a VPC endpoint using VPC Link and NLB

0

I have a REST API in account A that I want to have access a private REST API in account B. In account A, I have configured the REST API with a VPC link. This VPC link is connected to my Network Load Balancer, which should direct the request to the VPC Endpoint, still in account A. From the VPC Endpoint, the request should go over to the other account based on the resource policy crafted for the private REST API in account B.

This architecture can be found in the "Regional API Gateway to private API Gateway cross-account" section of https://aws.amazon.com/blogs/compute/architecture-patterns-for-consuming-private-apis-cross-account/

When running the API from account A, I am getting a 500 error code that says "Execution failed due to configuration error: There was an internal error while executing your request".

I have the two following problems/questions:

  1. When I check my registered targets in the assigned Target group for my NLB, it says the targets are unhealthy. I made sure these targets were IP addresses that were in the subnets of the NLB and VPC Endpoint CIDR Block.
  2. I am using stageVariables.VpcLinkId to link the integration for the API, but I am unsure what I should have for the Endpoint URL. Should it be the VPC endpoint DNS Name, the NLB DNS Name, or the private API DNS name (Account B)? And should any of these be included in the header of the request from the API in Account A?

1 Answer
1

Hi there,

Answering your questions below:

  1. The unhealthy status could be due to various reasons, either connectivity over the TCP layer or the response received from the health check from the NLB. Without looking into the setup, it's very difficult to determine the reason for the unhealthy status.

Please check out the links below:

https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-troubleshooting.html

https://repost.aws/knowledge-center/fargate-nlb-health-checks

https://www.reddit.com/r/aws/comments/eutpbm/nlb_how_does_health_checks_works_for_target_group/

  2. Generally, the VPC endpoint DNS Name should be the way to go. However, looking at your query and your setup, it would be best if you can create a Support Ticket with AWS Support to get this checked at your account level and make sure you will be promptly assisted. Please open a support case with AWS using the following: https://console.aws.amazon.com/support/home#/case/create

AWS
Support Engineer
answered 6 months ago
Expert
reviewed 6 months ago
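
For the unhealthy-target question above, an added example (not part of the original post or answer, and not AWS code): it cross-checks the JSON printed by `aws elbv2 describe-target-health` against the VPC endpoint's network interfaces from `aws ec2 describe-network-interfaces`, separating a target IP that merely falls inside a subnet CIDR from one that is actually an endpoint ENI address. All sample data is constructed, `audit_targets` is a hypothetical helper, and port 443 is assumed because the endpoint fronts an HTTPS private API.

```python
import ipaddress
import json

# Constructed sample data (not from the post), shaped like the JSON printed by
#   aws ec2 describe-network-interfaces   and   aws elbv2 describe-target-health
ENDPOINT_ENIS = json.loads("""{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "PrivateIpAddress": "10.0.1.25"},
  {"NetworkInterfaceId": "eni-0bbb", "PrivateIpAddress": "10.0.2.40"}]}""")
TARGET_HEALTH = json.loads("""{"TargetHealthDescriptions": [
  {"Target": {"Id": "10.0.1.25", "Port": 443},
   "TargetHealth": {"State": "healthy"}},
  {"Target": {"Id": "10.0.2.77", "Port": 443},
   "TargetHealth": {"State": "unhealthy", "Reason": "Target.FailedHealthChecks"}},
  {"Target": {"Id": "10.0.2.40", "Port": 80},
   "TargetHealth": {"State": "unhealthy", "Reason": "Target.FailedHealthChecks"}}]}""")
SUBNET_CIDRS = ["10.0.1.0/24", "10.0.2.0/24"]  # constructed NLB / endpoint subnets


def audit_targets(target_health, endpoint_enis, subnet_cidrs, expected_port=443):
    """Return (ip, port, kind, detail) for every target that will not reach the endpoint."""
    eni_ips = {ipaddress.ip_address(n["PrivateIpAddress"])
               for n in endpoint_enis["NetworkInterfaces"]}
    subnets = [ipaddress.ip_network(c) for c in subnet_cidrs]
    findings, registered = [], set()
    for desc in target_health["TargetHealthDescriptions"]:
        ip = ipaddress.ip_address(desc["Target"]["Id"])
        port = desc["Target"]["Port"]
        health = desc["TargetHealth"]
        registered.add(ip)
        if ip not in eni_ips:
            # Being inside the subnet range is not enough: nothing listens there.
            where = ("inside a subnet CIDR but not an endpoint ENI address"
                     if any(ip in s for s in subnets) else "outside the expected subnets")
            findings.append((str(ip), port, "not-endpoint-ip", where))
        elif port != expected_port:
            findings.append((str(ip), port, "wrong-port",
                             f"endpoint ENI registered on {port}, expected {expected_port}"))
        elif health["State"] != "healthy":
            # Correct IP and port: surface the reason code the NLB reports.
            findings.append((str(ip), port, "unhealthy",
                             health.get("Reason", "no reason reported")))
    # Endpoint ENIs with no registered target leave that subnet without a backend.
    findings += [(str(ip), expected_port, "eni-not-registered", "endpoint ENI has no target")
                 for ip in sorted(eni_ips - registered)]
    return findings


if __name__ == "__main__":
    for finding in audit_targets(TARGET_HEALTH, ENDPOINT_ENIS, SUBNET_CIDRS):
        print(*finding, sep="\t")
```

A target that passes all three checks but is still reported unhealthy points at the layers this script cannot see, such as security groups or network ACLs on the path between the NLB and the endpoint ENIs.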
