Hello !
I have one public API service running in Apprunner. Also I'm using a documentDB service to handle my NoSQL database. The database and Apprunner instance is running in the same VPC
I've followed the tutorial here and connected the service to the database successfully. -> https://aws.amazon.com/blogs/containers/observability-for-aws-app-runner-vpc-networking/
Now I want to connect some public services on internet to get some data and make relations in the database. I can fetch some resources from online in some script I've added to the build step however inside from app I can't fetch. The request timeouts
My VPC has default 6 public subnets and has been already connected with an internet gateway.
Build command I'm using
npm install && npm run test:axios && npm run build
Test Axios script: ( This works perfectly )
// Import axios
const axios = require('axios');
// Make a request for a user with a given ID
async function main() {
const result = await axios.get('https://catfact.ninja/fact');
console.log(result.data);
}
main();
This is my simplified main application script: (TIMEOUT ERROR)
Error description:
Error: connect ETIMEDOUT 104.131.8.184:443
at TCPConnectWrap.afterConnect [as oncomplete] (node:net:1278:16) {
errno: -110,
code: 'ETIMEDOUT',
syscall: 'connect',
address: '104.131.8.184',
port: 443 }
const networkTester = async () => {
const https = require('node:https');
console.log('NETWORK TESTER');
https
.get('https://catfact.ninja/fact', (res) => {
console.log('statusCode:', res.statusCode);
console.log('headers:', res.headers);
res.on('data', (d) => {
process.stdout.write(d);
});
})
.on('error', (e) => {
console.error(e);
});
};
networkTester();
So I have to create a public NAT Gateway with elastic IP for that public subnet which I included in the VPC connector settings, right ?
Yes, a NAT Gateway must be created. After creating the NAT Gateway, add a route to the NAT Gateway to the route table of the subnet used for the VPC connector.
Thank you! I've created a public NAT gateway and add routing of subnet IP block to that NAT gateway, however still apprunner instance can't access to the internet. Should I add some extra configuration to the NAT gateway to connect internet ?
I've connected the apprunner instance to a new private subnet, then added a NAT gateway to the private subnet to a public subnet. Now it's working smoothly