How do I connect to API Gateway from my on-premises network?

I want to connect to Amazon API Gateway from my on-premises network.

Short description

You can connect to the following APIs directly from an on-premises network:

However, you can access private REST APIs only from within an Amazon Virtual Private Cloud (Amazon VPC) through an interface VPC endpoint.

Resolution

Prerequisites: You must connect your on-premises network to the internet. Also, your on-premises network's firewall must allow traffic to and from the API Gateway endpoint.

Connect an on-premises network to a REST API, HTTP API, or WebSocket API

To connect your on-premises network to API Gateway, see the following documentation:

Connect an on-premises network to a private REST API

Choose one of the following access methods based on your configuration.

Note: The security group for the interface endpoint must allow inbound traffic from your on-premises source CIDR range on TCP port 443. Also, you must update the private API resource policy to allow private API traffic from the source VPC or VPC endpoint.
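The two conditions in the preceding note can be checked offline against exported configuration. The following is an added example, not AWS-provided code: it assumes security group rules in the `IpPermissions` shape that the EC2 API returns and a resource policy that restricts access by VPC endpoint with `aws:SourceVpce`. The function names, endpoint ID, and CIDR ranges are constructed placeholders.

```python
import ipaddress

INVOKE = {"execute-api:Invoke", "execute-api:*", "*"}

def as_list(v):
    return v if isinstance(v, list) else [v]

def sg_allows_443(ip_permissions, source_cidr):
    """True if an ingress rule admits TCP 443 from the whole IPv4 source_cidr."""
    src = ipaddress.ip_network(source_cidr)
    for perm in ip_permissions:
        proto = perm.get("IpProtocol")
        if proto == "tcp" and not perm["FromPort"] <= 443 <= perm["ToPort"]:
            continue
        if proto not in ("tcp", "-1"):  # "-1" means all protocols and ports
            continue
        if any(src.subnet_of(ipaddress.ip_network(r["CidrIp"]))
               for r in perm.get("IpRanges", [])):
            return True
    return False

def policy_allows_vpce(policy, vpce_id):
    """Narrow check: only aws:SourceVpce conditions are interpreted."""
    allowed = False
    for st in as_list(policy.get("Statement", [])):
        if not INVOKE & set(as_list(st.get("Action", []))):
            continue
        cond = st.get("Condition", {})
        eq = as_list(cond.get("StringEquals", {}).get("aws:SourceVpce", []))
        ne = as_list(cond.get("StringNotEquals", {}).get("aws:SourceVpce", []))
        if st.get("Effect") == "Deny":
            if not cond or vpce_id in eq or (ne and vpce_id not in ne):
                return False  # an explicit Deny always wins
        elif not cond or vpce_id in eq:
            allowed = True
    return allowed

# Constructed sample data (placeholder IDs and CIDR, not from the article)
SAMPLE_SG = [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
              "IpRanges": [{"CidrIp": "10.20.0.0/16"}]}]
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Deny", "Principal": "*", "Action": "execute-api:Invoke",
     "Resource": "execute-api:/*",
     "Condition": {"StringNotEquals": {"aws:SourceVpce": "vpce-0example"}}},
    {"Effect": "Allow", "Principal": "*", "Action": "execute-api:Invoke",
     "Resource": "execute-api:/*"}]}

if __name__ == "__main__":
    print(sg_allows_443(SAMPLE_SG, "10.20.10.0/24"),
          policy_allows_vpce(SAMPLE_POLICY, "vpce-0example"))
```

Statements that use other condition keys, such as `aws:SourceVpc`, are not evaluated by this check and need separate review.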

Direct Connect

You can use AWS Direct Connect to connect your on-premises network to Amazon VPC and use public DNS names to access your private API.

Route 53 alias

Associate a VPC endpoint with the private REST API. Then, use the Amazon Route 53 alias DNS record that's generated to invoke the private API.

Private DNS names

If you use a private DNS, then you can use the private DNS names to access your private API from your on-premises network. Set up a Route 53 Resolver inbound endpoint, and then forward all DNS queries of the private DNS from your on-premises network to the endpoint.

Public DNS names

You can use endpoint-specific DNS hostnames to access your private API from your on-premises network.

Related information

How do I access a private API Gateway API when the VPC endpoint uses an on-premises DNS?

AWS OFFICIAL
Updated 4 months ago