ALB routing to API gateway

0

We are in the process of migrating our services form gen1 to gen2.

Gen 1 was created using ALB going to an ec2 server. Gen 2 uses API gateway with AWS lambda

We'd like to support that both APIs under fqdn/v1 and fqdn/v2

Is there a way to proxy this with ALB or do I need to setup an ec2 instance or similar to route requests with nginx? Is there an entirely different approach I should take

2 Answers
3

Regarding the completely different approach you were asking about, you should consider using a CloudFront distribution rather than ALB in front of the API Gateway. The API Gateway and ALB are both regional resources, so traffic from your end users travels over the public internet to the AWS region where the API Gateway and/or ALB are located.

By comparison, CloudFront has edge locations distributed around the world and connected to AWS's backbone network. While the API Gateway will ultimately still be geographically just as far away, traffic from end users will go to one the CloudFront edge locations closest to the user. CloudFront will use AWS's own, high-capacity backbone network (and not the general internet) to carry the request the rest of the way to your API Gateway. The return path for the response is the same but in the reverse direction.

You can also leverage the various traffic routing options that CloudFront provides, the scalability of WAF (Web Application Firewall) when combined with the global array of CloudFront edge locations, the optional Shield Advanced DDoS protection combined with CloudFront's global scalability, caching of content at the edge, and other advanced options like CloudFront Functions to manipulate requests or responses that are examples of options that aren't available or are more limited with regional resources, such as an API Gateway or ALB.

AWS has a support article with detailed instructions for setting up the custom CloudFront distribution for the API Gateway here: https://repost.aws/knowledge-center/api-gateway-cloudfront-distribution

EXPERT
Leo K
answered 4 months ago
2

You can put an API Gateway in the front and route the v2 to Lambda and v1 to an HTTP endpoint, which points to the ALB.

You can also do it the other way around, however, you will need to use a Private API Gateway and point the ALB to the Address of the VPC Endpoint that you will create to access the API from the VPC.

profile pictureAWS
EXPERT
Uri
answered 4 months ago
profile picture
EXPERT
reviewed 4 months ago
profile picture
EXPERT
reviewed 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions