Connect to ElastiCache cluster using Api Gateway - amazon-web-services

I need to communicate with ElastiCache (Redis engine) using AWS API Gateway. I successfully connected to ElastiCache from a Lambda function in the same VPC. I can't connect from outside the VPC.
So I tried to create an API gateway, and selected the integration type AWS Service Proxy with ElastiCache as the AWS Service.
This is the screenshot for creating an API gateway
But I don't know how to test this created API for executing Redis commands.
e.g.: SET A FOO
Is it possible to communicate with ElastiCache using API Gateway?

API Gateway service proxy is for proxying the AWS API, not the Redis API, so that's not going to work for you. You will have to create a Lambda function and use API Gateway Lambda integration.
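A sketch of the Lambda function that answer describes, added here as an example and not code from the original thread. It assumes an API Gateway Lambda proxy integration, a JSON body of the form {"command": ..., "args": [...]}, the redis-py package bundled with the function, and a hypothetical REDIS_HOST environment variable and key prefix; only an allow-list of commands is forwarded so the HTTP endpoint cannot run arbitrary Redis commands.

```python
import json
import os

# Assumption: only these commands are exposed, each with a fixed argument count.
ALLOWED = {"GET": 1, "SET": 2, "DEL": 1}
KEY_PREFIX = "app:"  # hypothetical namespace this API may touch


def get_client():
    """Create the client lazily; REDIS_HOST is a placeholder variable name."""
    import redis  # redis-py, packaged with the function
    # ssl=True assumes in-transit encryption is enabled on the cluster.
    return redis.Redis(host=os.environ["REDIS_HOST"], port=6379,
                       ssl=True, decode_responses=True)


def _reply(status, body):
    return {"statusCode": status, "body": json.dumps(body)}


def handler(event, context, client=None):
    """Entry point for the API Gateway Lambda proxy integration."""
    try:
        req = json.loads(event.get("body") or "{}")
        command = str(req["command"]).upper()
        args = [str(a) for a in req["args"]]
    except (ValueError, KeyError, TypeError):
        return _reply(400, {"error": "expected {command, args}"})
    # Unknown commands and wrong argument counts are both rejected here.
    if ALLOWED.get(command) != len(args):
        return _reply(403, {"error": "command not allowed"})
    # Every allowed command takes the key as its first argument.
    if not args[0].startswith(KEY_PREFIX):
        return _reply(403, {"error": "key outside allowed prefix"})
    client = client or get_client()
    return _reply(200, {"result": client.execute_command(command, *args)})
```

The function must run in the same VPC as the cluster, as in the question; the optional client parameter exists only so the handler can be exercised without a Redis server.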

Related

AWS Api gateway: How to expose new services automatically?

I'm searching for a way to expose service routes to Api Gateway automatically. The flow should be the following:
New service in EKS is created
Two proxy resources added to API Gateway: /public/{service-name} and /private/{service-name}
Integration with new service added to created resources (perhaps we would have ALB per service, so its resource integration would be done through ALB)
API Gateway redeployed
So far, I've come up with a solution using a Lambda function which will listen to the CloudTrail ALB creation event and make calls to API Gateway to create new resources and publish them, but I feel that there should be something more AWS native that works out of the box.

WebSocket API implementation with EC2 as a backend

I want to create a WebSocket API using Amazon API Gateway. Is it possible to configure it in such a way that it can transfer data from/to EC2 instances? I know it is possible with a Lambda function, but instead of Lambda, is it possible to leverage an EC2 server as a backend for the WebSocket API implementation?
A WebSocket API implementation using API Gateway has integration support for HTTP. So you can expose your HTTP endpoint on the EC2 server, then integrate this with your WebSocket API implementation with EC2 as a backend (integration type). For details, refer to the AWS doc below:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-websocket-api-integration-requests.html
In my case, it would be an AWS service. We will use EC2 as the AWS service in the backend. We don't have an HTTP endpoint. There are many documents and tutorials available, but 99% of those are using a Lambda function. I am trying to integrate with EC2.

Limit API calls to AWS API Gateway

I have a problem configuring my AWS API Gateway:
I have an API deployed in an EKS cluster, and it has a public load balancer, so right now, this API is accessible from everywhere. I want to allow access to this API only from AWS API Gateway, so if anyone wants to use the API, it has to be through AWS API Gateway.
The problem is that I don't know how to allow traffic to the API only from API Gateway. I tried using a security group, but the AWS API Gateway IP changes all the time. I also tried using an internal load balancer in my Kubernetes deployment, but AWS API Gateway can't reach that load balancer!
Thanks in advance for the help!
You can do this by using a Network Load Balancer.
Create an internal network load balancer and have your containers be added to its target group.
Then in API Gateway create a VPCLink to your Network Load Balancer. Then use the VPCLink within your API Gateway setup.
More instructions available here.
You might be able to accomplish this by setting up an API Gateway private integration. This makes it simple to expose your HTTP/HTTPS resources behind an Amazon VPC for access by clients outside of the VPC.
Also, have a look at Amazon EKS cluster endpoint access control in order to understand how you can enable endpoint private access for your cluster.

Amazon API Gateway and EC2

I have gone through Amazon API Gateway and Lambda, and I understand the combination as Lambda providing computation.
Is Lambda providing computation only, or can it connect to an EC2 Linux instance and further to RDS?
Or can Amazon API Gateway connect directly to an EC2 Linux instance?
I am confused.
Can anyone help me with this?
Thanks
So in my opinion you are looking at the Serverless framework, which is an API gateway configured with stages that send requests to your Lambda function.
There is no need for EC2 instance usage. The Lambda function will establish connections with your database and make calls to it. Your database setup can be either private or public.
Additionally, on top of your API gateway you can implement something like a CloudFront distribution and WAF, which will provide further enhancements to your setup.

How can I make API gateway only available to my ec2 instance?

I deployed a Lambda to AWS and created an API gateway to access it. I don't want the API gateway to be public because the Lambda is only called from one of my EC2 instances. What is the best way to configure it to secure this API? My EC2 instance needs a public IP address since I have a DNS route configured pointing to it.
Since you are only using the AWS Lambda function from a single Amazon EC2 instance, there is no need to use API Gateway. (API Gateway is normally used to expose an API to a large number of users.)
You can instead invoke an AWS Lambda function directly:
You can use the AWS Command-Line Interface (CLI) by calling aws lambda invoke
You can also use an AWS SDK from a programming language such as Python, Java and Node.js
I would recommend using a Private API in Amazon API Gateway.
This will secure your API Gateway and make it accessible only to the resources within your VPC.
It can be further secured using a security group and a resource policy for the Private API.
You will need to create an endpoint to use a Private API Gateway, though.
Detailed setup:
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-private-apis.html
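The resource policy mentioned in that answer, shown as an added example that is not part of the original thread: it builds a policy that denies invocation unless the request arrives through one interface VPC endpoint, and a deliberately simplified evaluator (explicit Deny wins) shows which callers it admits. The endpoint ID is a constructed placeholder and the evaluator understands only the `aws:SourceVpce` condition used here.

```python
EXAMPLE_VPCE = "vpce-0123456789abcdef0"  # constructed placeholder, not a real endpoint


def private_api_policy(vpce_id):
    """Allow execute-api:Invoke, then explicitly deny any call that did not
    arrive through the given interface VPC endpoint."""
    base = {"Principal": "*", "Action": "execute-api:Invoke",
            "Resource": "execute-api:/*"}
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", **base},
            {"Effect": "Deny", **base,
             "Condition": {"StringNotEquals": {"aws:SourceVpce": vpce_id}}},
        ],
    }


def _condition_holds(condition, source_vpce):
    # Simplified: only StringEquals / StringNotEquals on aws:SourceVpce.
    for operator, keys in condition.items():
        wanted = keys.get("aws:SourceVpce")
        if wanted is None:
            return False
        wanted = [wanted] if isinstance(wanted, str) else wanted
        if operator == "StringEquals":
            if source_vpce not in wanted:
                return False
        elif operator == "StringNotEquals":
            if source_vpce in wanted:
                return False
        else:
            return False
    return True


def is_invoke_allowed(policy, source_vpce):
    """Explicit Deny wins; otherwise an Allow is required.
    source_vpce is None when the request did not use a VPC endpoint."""
    effects = {s["Effect"] for s in policy["Statement"]
               if _condition_holds(s.get("Condition", {}), source_vpce)}
    return "Deny" not in effects and "Allow" in effects
```

A policy with only the Allow statement admits a caller coming through any VPC endpoint that can reach the API, which is why the Deny statement is the part to check when reviewing a Private API.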